1 / 33

Sangfor SSL VPN Presentation

Sangfor SSL VPN Presentation. Sunny Tse Product Manager, International Division. Agenda. Mobility of Today’s Business 3 . Secure , Fast, Easy-to-use SSL VPN 7. Best Practice & Solution 22. Case Study 25. Sangfor Company 28. Access Mobility of Today’s Business. SSL VPN Market Growth.

ron
Télécharger la présentation

Sangfor SSL VPN Presentation

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Sangfor SSL VPN Presentation Sunny Tse Product Manager, International Division

  2. Agenda • Mobility of Today’s Business 3 Secure, Fast, Easy-to-use SSL VPN7 Best Practice& Solution22 Case Study25 Sangfor Company28

  3. Access Mobility of Today’s Business

  4. SSL VPN Market Growth (US$MM) Source: Frost & Sullivan • Improve business productivity by enable mobile and remote office; • Include supplier/partner/customer into company’s business process to improve efficiency and productivity

  5. Business Becomes More Mobile User on the road: Management, Sales, technical profession, researchers on business trip, in the airport , etc. At home/ Out of office: Employees occasionally out of office or at home Application servers Storage & database Authorized partners/ customers : Business partners, supplier, contractors, customers remotely access product/ partnership system, etc Remote offices/ selling house/business hall: Remotely access business application systems to carry on business deals, etc. Remote maintenance: IT do remote maintenance or 3rd party technical maintainers do maintenance to internal systems Authentication server Tele - conference PCs

  6. Expands Business with SSL VPN User on the road Application servers Storage & database At home/ Out of office Remote maintenance Authentication server Tele - conference PCs Remote offices/HBO Authorized partners/ customers

  7. Secure, Fast, Easy-to-use SSL VPN

  8. Sangfor SSL VPN Security • Secure SSL VPN access; • Ensures the authorized user, using a secure endpoint via a secure tunnel to access the authorized resource; Rapidity Usability • Rapid SSL VPN access; • Full access optimization to ensure high-efficient mobile office, thus enhance the productivity. • Ensure the end users’ access experience; • Easy-to-use SSL VPN; • Intuitive, low learning curve for end user; • Easy for administration • Offer flexibility to meet with corporation’s future needs.

  9. Comprehensive Security Protection • User authentication: Username/Password, LDAP,RADIUS, CA, USB key , Dynamic Token, Hardware ID, SMS • Host checker • Dedicated SSL VPN Tunnel • Cache Cleanup • Secure Desktop • Standard encryption algorithm: AES, DES, 3DES, RSA, DH, RC4, MD5, SHA Digest algorithm • Man-in-the-middle attack detection • Account binding • “User-Role-Resource” association • Dynamic privilege End Point Transmission Authorization Identification INTERNET

  10. Host Checker • Check security status of host prior to user login, and during the SSL VPN session Operating system, registry file, process, personal firewall, anti-virus files, login time, line IP, user IP, user-customized security rules… Meet policy condition 1&2&3 Resource 1 Meet policy condition 2&3 Failed to meet any policy Resource 2

  11. APP3 APP3 APP3 APP3 APP2 APP2 APP2 APP2 APP1 APP1 APP1 APP1 Secure Desktop • SD creates an isolated workspace to ensure the absolute security of remote access; OS OS OS OS Common office resource Critical/R&D resource Minimize Exit Print Save to local disk Secure desktop Default desktop Copy & Paste to local resource Cached/temp. files

  12. APP3 APP3 APP2 APP2 APP1 APP1 Account Binding • Account binding enables unified authorization and simplified administration SSL VPN Account A SSL VPN Account B OS OS Application account A Application account A Application account B Authorized resource

  13. Complete Access Optimization Time Link optimization Link • Intelligent link selection Transmission Transmission optimization Saving telecommunication(3G) traffic and cost; • High-speed Transfer Protocol Redundant Data Data optimization • Byte cache • Streaming compression Resource optimization Resource • Webpage access optimization • Resource load balancer Enabling a high-efficient SSL VPN access

  14. Access Optimization - Lab Test Result • File size: 10M • Network environment: 2Mbps, 100mslatency, 1%packet loss

  15. Remarkably Easy-to-use SSL VPN Administrator Mobile user Easy to use, able to connect to business any time, any where with any device; Easy to manage, able to meet with organization’s future needs; • Cross-platform support; • Remote application; • Single-Sign-On; • Login page customization; • System tray; • … • Hierarchical management; • Virtual secure portal; • Asymmetrical cluster; • Built-in IPSec VPN; • Syslog, SNMP; • …

  16. Remote Application • Users remotely operate on the application servers: Remote application windows C/S applications Windows applications Remote user with any device [Terminal server(s)] Key strokes, mouse click, … • No need to pre-install C/S application clients to the endpoints; • Enable accesses to C/S applications, Windows applications on smart phone, tablet, such as iPad, iPhone, Android devices, etc. • Fast transmission speed even when accessing with a limited bandwidth;

  17. Remote Application – Sangfor EasyConnect Take the office in your pocket!

  18. Virtual Secure Portal • Visualize SSL VPN into up to 253 virtual SSL VPNs Mobile user group Partner group Customer group URL:https://app.customer.com URL:https://app.mobile.com URL:https://app.partner.com Login methods M Login page M Published resource M Administrator M Login methods P Login page P Published resource P Administrator P Login methods C Login page C Published resource C Administrator C Virtual Secure Portal

  19. Asymmetrical Cluster Asymmetrical cluster M5900-S, 16000 users M5800-S, 5000 users M5600-S, 3800 users 24800 users Exclusive ! • Cope with business growth;

  20. APP2 APP2 APP2 APP1 APP1 APP1 Cluster Cloud • Cluster cloud meets with deployment requirements when in a multiple datacenter/ cloud environment; • Centralized configuration • for the cluster appliances Choose the fastest and healthy SSL VPN appliance to access Unified domain name for remote accesses 云C Datacenter Hong Kong User A Hong Kong Cluster URL:https://app.unified.com • User B • London Datacenter London • Increase remote access speed and accessibility;

  21. Wide Range of Product Model M5900-S-I, 16000 User • Asymmetrical cluster • Cluster up to 20 units M5800-S-I, 5000 User M5600-S-I, 3800 User M5500-S-I, 2600 User M5400-S-I, 1200 User M5100-S-I, 300 User

  22. Best Practice & Solution

  23. Implementation of Sangfor SSL VPN • Tunnel encryption • Host checker • Secure desktop • Remote application • Access optimization • … User on the road Virtual secure portal M SMS SOHO/ Remote maintenance Headquarters SMS Remote small office Resource authorization 3G AD HW ID Business Resource Internet Virtual secure portal P Partners WLAN PCs Secure Desktop Virtual secure portal C Customers Password

  24. APP3 APP3 APP3 APP3 APP2 APP2 APP2 APP2 APP1 APP1 APP1 APP1 WLAN Security Enhancement • Normally, only user/password authentication is required in an WLAN network; • Once connected, all users almost enjoy the same access authority due to lack of authorization measures; OS OS OS OS Internal users • Intruder can easily steal the data by intercepting into the WIFI session ; Guests Resource1 Unauthorized users Resource 2

  25. Case Study

  26. Sangfor SSL VPN Customer Requirements Sangfor Solution • The central bank of the People's Republic of China • Play an important role in China's macroeconomic management • Employees frequently go business trip to local banks in different cities, the mobility requires a secure way for employees to remotely access the office systems, such as OA, email systems of PBC’s • Users are authenticated with combined USB, SMS measures before accessing the systems; All user names are bind with the hardware code of the employees’ laptops; • Various security protection measures are enabled to guarantee safety before/during/after employees’ remote access; • Apply the acceleration policies to enable fast and efficient remote access; Case Study 26 26

  27. Sangfor SSL VPN 2010, 2011 2008, 2009, 2010

  28. Sangfor Company

  29. Sangfor Overview Sangfor Company • Founded in 2000 • 44Offices found in major cities of Mainland China, Malaysia , Hong Kong, Singapore, Thailand , Indonesia, Vietnam and UK • 1000+ employees; • 15,000 customers; • 8 product lines • IPSec VPN, SSL VPN, Internet Access Management, WAN Optimization, Application Delivery , Secure Gateway, Application Performance Management and Next Generation Firewall; • Continuously fast growth • 50–70% annual growth in the past 6 years • CMMI Level 3 authentication for R&D system; • ISO 9001 authentication for Service System; 29

  30. SSL VPN ADC APM AF WOC Offering Solution at Three Levels One stop solution to serve for customers SSL VPN Data Center IAM Branch Office IPSec VPN H Q Gateway AF (Low End) IAM WOC AF 30

  31. APP3 APP3 APP3 APP3 APP2 APP2 APP2 APP2 APP1 APP1 APP1 APP1 OS OS OS OS Cloud-Computing Ready Cloud Endpoint Visualization Visualization TV Management Optimization Efficiency WAN OS OS OS OS OS OS OS OS Laptop/PC WANO/VPN IAM / NGFW Internet SSL VPN WANO/AD Optimization Mobile phone WANO 3G/SVAT EasyConn Pad Central management SC APM 31

  32. Prospective Vendor Deloitte Technology Fast 500 Asia-Pacific in 2005, 2006, 2007, 2008, 2009, 2010,2011 Mid-sized Enterprise Gold Award from Standard Chartered Bank Network Security Manufacturer in Asia Pacific Award 2009 from Frost & Sullivan “Best Company to work for” Award from Fortune China, 2009 “Best Company to work for” Award from Fortune China, 2011

  33. Thank You 4th Floor, Building 2, Financial Base, No. 8 Kefa Rd, Technology Park, Nanshan District Shenzhen, Guangdong Province, P. R. China P. C.: 518052 Tel: +86-755-8633 6171 Fax: +86-755-8662 7753 Email: marketing@sangfor.com

More Related