Simple Access - SSL VPN.
Secure Access - strong two factor authentication.
Probrand recommends a winning combination of a Dell Sonicwall Aventail SSL VPN appliance coupled with a two factor authentication solution tailored to your needs.
- Dell SonicWall Aventail SSL VPN delivers the easiest secure remote access solution for mobile enterprise and has been called visionary by analyst firm Gartner
- Vasco offers quality token and web-based two factor authentication for every size of organisation
- Swivel Secure provides tokenless two factor authentication with 73% less maintenance costs than RSA tokens for larger organisations
Dell SonicWall Aventail SSL VPN gives remote users access to client server applications and internal network connections using any web enabled device. It is te most future proofed remote access controller on the market.
Importantly, it is easy to deploy with no pre-installation of specialised client software on end user computers. Dell SonicWall Aventail SSL VPN is a simple, cheap way to give mobile workers a complete 'in-office' experience with remote access to corporate networks and data securely.
The ‘traffic’ between the end user’s Web browser and the SSL VPN device is fully encrypted. Dell SonicWall’s SSL VPN provides a dedicated hardened security appliance whilst the authentication solution of your choice only enables fully approved users access to corporate data and systems.
When a user wants to access a network remotely they simply click an 'Aventail' desktop icon and log-in to the SSL VPN web page supplying their everyday standard log-in details.
Then they input a unique code provided by either a Vasco or Swivel Secure authentication solution for secondary security and immediate access. Crucially, the users unqieu code is provided through two different channels for added security, for example on the desktop and via mobile phone.
See here our Remote Access case study
Dell SonicWall Aventail SSL VPN - your secure tunnel:
- Remote Access: Provides secure remote access to the most resources from the most end point device platforms
- Mobile Enterprise: The only SSL VPN solution to provide support for Microsoft® Windows Mobile PDAs and Smartphones
- Disaster Recovery: Allows employees to remain productive from anywhere, anytime—even during unexpected business-infrastructure disruptions like natural disasters, pandemics, or terrorist activities
- Wireless: Centralised secure access control for wireless networks supporting multiple device platforms
- Extranet: Extends access to partners to increase collaboration in a way that does not compromise access control and security
- Enforcing Policy: Enables IT to enforce policy across disparate points of entry, allowing granular access control for collaboration and compliance
- Network Access Control: The easiest most future-proofed remote access controller on the market
User authentication tailored to you - two options
1. Vasco strong authentication - Tokens and web-based authentication for every organisation
Cost effective, flexible and scaleable hardware tokens and web-based two factor authentication from the World's biggest provider, Vasco. As used to meet tight tolerances of financial institutions and online banking. Whether you operate in tough conditions with no smartphone reception or internet access, the Vasco approach ensures remote users authenticate to the same level as 75% of all financial organisations world-wide.
That means quality physical tokens and software plus Vasco’s unique cloud-based service Mydigipass.com, enable managers to lock down complete infrastructures quickly, simply and with minimal ongoing cost. Cost effective, flexible, scaleable.
- Banking level authentication from the biggest global provider
- Physical hardware tokens and software based two factor authentication
- Total choice of provision – from physical tokens to smartphone and web
- Simple time based ‘one-time passwords’ generated at, not before, point of user request for absolute security
- Radical scaleability - designed to fit all shapes, sizes, environments and budgets
- Total flexibility - option of cloud-based managed service for single sign-in to multiple web-based applications using dynamic passwords – webmail, salesforce, Office 365, Google Apps
- Vasco prides itself on a 100% service delivery record
2. Swivel Secure token-less authentication for larger organisations
Swivel Secure offers a new and innovative budget busting authentication approach that is on average 73% cheaper than the cost of buying, implementing, managing and maintaining a token based system. Swivel offers the reassurance of two factor compliance without the cost of tokens.
Implementation costs of the Swivel authentication platform are often less than the renewal cost of tokens alone.
- Simple two factor token-less authentication for strong security
- Instant add and remove of end users
- No cost associated with generating individual tokens
- Reduced implementation, admin and management overheads
- Platform independent – web and mobile device
- CESG claims tested – approved by UK Government’s national technical authority for Information Assurance
- Scalable, flexible, reliable
- A single Swivel server can provide the authentication for all remote services, VPNs, Websites, cloud applications and Web applications
Swivel enables complete authentication of network access - strong, multi-factor, flexible, token-less security. It eradicates ongoing cost and management time associated with token based approaches.
How does it work?
Swivel combats attacks from skimming, phishing and spyware to shoulder-surfing and key-logging, amongst others.
Each user is issued with a unique PIN and given access to randomly generated security strings delivered directly via the web, SMS, mobile app or telephone.
In this example, when the user wants to authenticate access to the network, they click a desktop Swivel icon, which generates a random security string. The user then combines their PIN with the security string in their head in order to generate their one-time-code (OTC). This OTC is then entered into the users log-in area – in this example, this is through a SonicWall Aventail SSL VPN, it demands a OTC alongside standard username and password.
Fig. 1 User is issued with a four digit PIN number.
Fig. 2 Whenever the user wants access they are presented with a Security String (a series of 10 random numbers) – via web browser or mobile device.
Fig. 3 The user combines their PIN to identify which characters from the string they need to enter as the One Time Code (OTC) to authenticate access.
Tell me more ...
The example above shows how a PIN of 1268 is combined with the security string to create the one-time code 2085. PINs can be from 4 digits to 10 digits long.
Security strings can be letters, numbers or a mixture of both. The user never enters their PIN providing defense against all common attacks.
Swivel features include:
- User management facility
- User-defined PIN composition and change policies
- Self-care options
- Comprehensive logging options
- Deployed as software singularly or across multiple appliances
The advantages of not requiring a dedicated security token:
- There are no token-associated costs
- There is nothing physically to distribute for provision or collect for de-commission
- People treat their mobile phone as an essential piece of equipment; they are highly unlikely to be without it