SonicWALL SSL-VPN series

SonicWALL SSL-VPN Series

The SonicWALL SSL-VPN Series, featuring SSL-VPN 200, SSL-VPN 2000 and SSL-VPN 4000, provides organizations of all sizes with an affordable, simple and secure clientless remote network and application access solution that requires no pre-installed client software. Utilizing only a standard Web browser, users can easily and securely access e-mail, files, intranets, remote desktops (includes both full desktop and individual application access) and other resources on the corporate LAN from any location. With no need for a pre-installed or "fat" VPN client, administrators are freed from the tasks of deploying, configuring and updating software, thus reducing maintenance and support costs. SonicWALL SSL-VPN Series solutions integrate seamlessly into virtually any network topology to deliver powerful, scalable and affordable remote access to corporate resources.

Key Features and Benefits:

• Seamless integration behind virtually any firewall enables organizations to leverage the existing network infrastructure without the need to purchase additional hardware.
• Clientless connectivity removes the need for a pre-installed or "fat" VPN client, thus freeing administrators from the tedious and costly task of installing and updating a client on users' PCs.
• Offering unrestricted concurrent user tunnels instead of per-tunnel licensing significantly reduces the costs associated with deploying a scalable secure remote access solution.
• NetExtender technology provides enhanced capabilities such as access to additional resources, services and applications on the corporate network.
• Granular policy configuration controls enable network administrators to create policies that "lock down" a user to specific applications/resources and prevent remote users from viewing or using restricted network resources.
• Customizable Web interface provides a personalized portal experience and displays only those resources that are available to the user based on company policy.
• Tokenless two-factor authentication* provides enhanced protection against key loggers. This added level of security is achieved by combining a unique one-time password that is generated by the SSL-VPN appliance and sent to a remote user's mobile device or e-mail address using the user's network user name and password.
• Enhanced layered security is enabled when deployed alongside a SonicWALL Internet security appliance which utilizes powerful deep packet inspection technology to scan traffic for malicious threats such as viruses, worms, Trojans and spyware.

* Available only on the SSL-VPN 2000 and SSL-VPN 4000
Features available with v2.0 Firmware Update for SSL-VPN 2000 and SSL-VPN 4000:

• Two-factor authentication support: Domains can be created for which users are authenticated against the most common third-party two-factor authentication products from RSA Security Inc. and Vasco Data Security International. Both the Virtual Office and the standalone NetExtender client support two-factor authentication.
• Improved reverse proxy: Various improvements have been made to the reverse proxy engine, including support for the premium version of Outlook Web Access, Lotus Domino Web Access and BIG5 and multi-byte character sets.
• Improved book mark policy options: The administrator has the ability to control single sign-on at the bookmark, user, group, and global level. In addition, it is also possible to specify whether bookmarks are editable by the remote user, including changing of bookmark names.
• Citrix Java applet: A Java applet has been added as an alternative to the existing ActiveX client to establish a connection between a Citrix resentation Server and a client machine. The SSL-VPN appliance automatically pushes the Java component through the Virtual Office. There is no need to have a Citrix ICA client pre-installed on the remote machine. The Citrix Java applet expands Citrix support to Linux and Mac OS X client systems.
• File Sharing Java applet: A multi-platform file sharing module that enhances usability of the file sharing capability of the SSL-VPN appliance. Most notably, the end-user now has the ability to drag and drop one or more files and folders between the applet window and file organizer systems native on the remote machine with just one click.
• SSHv2 Java Applet: To complement the existing SSHv1 support, a Java based SSHv2 Java Applet has been added to enable a proxied connection between a remote machine and any specified SSHv2 server.
• Tokenless two-factor authentication protection is achieved by combining a unique one-time password, with the user's network user name and password, providing enhanced protection against key loggers.
• Context-sensitive help is provided throughout the Web-based administrative interface and end-user portal, increasing management flexibility and ease-of-use.
• Support for Citrix (ICA) based applications allows access to additional resources on the corporate network. An ActiveX client has been added to establish a connection between a Citrix Presentation Server and a Windows client machine.
• The standalone version of NetExtender gives the end-user the flexibility of either starting NetExtender through the browser based portal or as a regular Windows application for accessing resources on the corporate network.
• File Shares Access Policies provide centralized policy management by facilitating the setup of access policies and centralizing it on the SSL-VPN appliance rather than having to set up permissions per user on each server. Policies can also be set at the server path level, allowing or denying access to specific shares via bookmarks. Existing policies via IP address, address ranges and network objects now also apply to CIFS file shares.
• Support for non-Windows platform is now available through the addition of an RDP5 Java applet. This feature allows remote users to access corporate resources from a non-Windows client machine. The RDP5 Java applet can be used to establish a connection between a Microsoft Terminal Server and a non Windows client machine. It replaces the previously present RDP4 Java client.
• Global Management System (GMS)1 support provides management flexibility by enabling SSL-VPN appliances to be globally managed and monitored. Using the SonicWALL GMS, administrators can monitor the up/down status and use one click login to access the management interfaces of each SSL-VPN appliance that is configured to communicate with GMS.

Features available with v1.5 Firmware Update for SSL-VPN 200:

• Context-sensitive help is provided throughout the Web-based administrative interface and end-user portal, increasing management flexibility and ease-of-use.
• The standalone version of NetExtender gives the end-user the flexibility of either starting NetExtender through the browser-based portal or as a regular Windows application for accessing resources on the corporate network.
• File Shares Access Policies provide centralized policy management by facilitating the setup of access policies and centralizing it on the SSL-VPN appliance rather than having to set up permissions per user on each server. Policies can also be set at the server path level to allow or deny access to specific shares via bookmarks. Existing policies via IP address, address ranges and network objects now also apply to CIFS file shares.
• Support for non-Windows platforms is now available through the addition of an RDP5 Java applet. This feature allows remote users to access corporate resources from a non-Windows client machine. The RDP5 Java applet can be used to establish a connection between a Microsoft Terminal Server and a non Windows client machine. It replaces the previously present RDP4 Java client.