VPN technology is the established standard for transporting and securing sensitive data in public transmission media. It depends on the relevant remote access requirements whether IPsec (Internet Protocol Security) or SSL (Secure Socket Layer) is used as tunnelling protocol.
NCP supports both processes, true to their motto "Next Generation Network Access Technology" and offers a universally applicable VPN platform for corporate networks with its Secure Enterprise Solution. Our customers especially value – among universality - the ease of use and the fast return on investment (ROI).
The Communication
NCP's SSL VPN solution offers all modules corresponding to the different remote access requirements.
Overview of functionalities of the NCP Secure Enterprise SSL VPN Server (click image to enlarge)
Web Proxy and File Access
This module enables access to the internal web applications via http and Microsoft network directories via a web interface. The terminal only requires a standard web-browser.
Port Forwarding and PortableLAN
Many companies require the teleworking station to have access on a range of applications or the transparent network access onto the central network.
During a session the user can simultaneously access different applications and servers such as Client/Server and Legacy-application on the central Windows, UNIX/Linux-, Mainframe or AS/400 in the scenario of port forwarding.
NCP PortableLAN is used if a teleworking station shall have transparent access to all applications and resources in the company network similar to an IPsec VPN.
All SSL function modules are included in the standard package of the NCP Secure Enterprise SSL VPN Server. The customer only has to give a number of users who may simultaneously access the VPN Gateway or company network (concurrent user).
Option: Upgrade to IPsec VPN.
The security
Security and access control are of central importance for remote access. It has to be sustainably prevented that data is intercepted, deleted or manipulated during transmission and that unauthorized third parties access the company network.
Strong authentication
NCP Secure Communications solution therefore supports a strong authentication via onetime-password tokens (OTP), certificates or biometrics. Details you will find here.
Network Access Control (NAC)
All terminals are checked on their current security status prior to accessing the company network. As per the centrally defined security level, a security level is assigned during each connection establishment to the company network. As per these results, the teleworker’s access rights to applications or the central network are assigned.
The NAC function module is a fix component of the NCP Secure Enterprise Server and can be used in connection with the Port Forwarding and PortableLAN function modules.
Adherence to security directives is compulsory and may not be manipulated or avoided by the user.
The following parameters can be checked:
- Operating system information (type and version, service pack, hotfixes)
- Services information (installed, started, stopped)
- File information (date, file version, MD5-Hash)
- Status of the virus scanner (manufacturer, version, up-to-date)
- Contents of certain registry values
Cache Protection
This function module protects the transmitted data on the remote terminal against theft. All web-pages viewed in the company network are automatically deleted from the cache after the connection is stopped.
Use of IPsec and SSL
Whichever VPN technology should be used for the secure external data communication is no longer influenced by the argument of “complexity”. Users do not require technical background knowledge and administrators gain the required network transparency via the central management services. You will find the recommended use in the datasheet NCP SSL VPN.
