Corporate Access SSL

Businesses are looking to realize productivity gains by expanding their remote access programs to all employees, business partners, buyers, distributors and customers. And the MegaPath managed Corporate Access SSL VPN service takes the burden of supporting the increasing number of users and applications, and the growing variety of non-corporate controlled devices, off the shoulders of IT security administrators. The MegaPath SSL VPN service reduces system complexity and provides a secure and cost-effective solution for security administrators to meet the increased demand for mobile remote access without increasing their budgets.

Instant Access from Anywhere

With MegaPath SSL VPN there's no software to install or maintain on any user’s computer. The only requirement for users is Internet access through a standard browser. With a corporate username and password, your employees will have full access to any resource on the corporate LAN

Here are a few types of users and situations where MegaPath's Managed SSL VPN is the ideal solution:

• Occasional users who just need to retrieve email and access the corporate intranet
• Day Extenders who need to log on to specific applications from their personal (unsupported) PCs
• Sales reps, distributors and consultants who need to download product information from customers' and partners' offices, through firewalls that do not permit IPsec traffic
• Executives who need to view web-based applications from public (non-trusted) PCs at hotels, airports and conferences
• Business Partners and customers who need clientless secure access to a corporate resource

A Complete Solution

The MegaPath SSL VPN service can be offered as a stand-alone product, completely separate from your other access technologies, or combined with our full portfolio of security services for a complete enterprise solution. Depending on your needs, it can be hosted in your data center or ours.

It's so easy to use that support calls are rare, but if you need help, our skilled technicians are available 24x7 to assist you and your users anytime day or night. We take care of everything, so your users can stay productive by accessing applications and corporate resources from virtually any device and any location

Features and Benefits

The MegaPath Corporate Access SSL VPN is secure and flexible. This managed solution lowers your total cost of ownership and frees your IT department from the hassles of supporting a large or varied group of users. Some of the many benefits of the MegaPath SSL VPN include:

Secure

• Encryption: Leverages strong SSL based encryption
• Authentication: Incorporates enterprise authentication tools and integrates with corporate standards and infrastructure

Flexible

• Supports any application (web based, client / server, legacy), works on any device (PC, Mac, Mobile, Linux), and runs across any network (wireless, satellite, wired, EVDO, 3G, dial)
• Offers a single solution for multiple users, including employees, vendors, service providers, business partners, retirees, etc.
• Client-less access options enables flexibility for users, simplified deployments and change management, and reduced end-user support burden

Managed

• Low total cost of ownership
• Industry experts providing initial deployment, ongoing production support and change management
• 24x7 proactive monitoring, management and ongoing support
• Designated Account Management for ongoing interaction and communication

Service Plans

Customers may choose the general SSL VPN service (Network-based) described above or select the premium Dedicated service. The Dedicated service plan also includes:

• Secured End Point Controls: Delivers the ability to ensure the integrity of end user devices
• Access Controls: Enforces granular security policies to ensure users can access only the applications and resources allowed
• Flexible design options for scalability, single and multi-site redundancy, and business continuity
• Secure portal access for on-going policy management, change management and reports/logs
• Service Level Agreement

Deployment Options That Make Sense

MegaPath knows that every business is different, with diverse needs and varied existing infrastructure. To meet the unique challenges of your business and to provide a cost-effective solution, we offer a range of deployment options:

• Customer Premise: For businesses with no current SSL equipment or those looking to upgrade their existing infrastructure, MegaPath installs SSL appliance and management equipment at a customer designated location.
• Hosted: For businesses with existing MPLS service, MegaPath installs the SSL appliance and management equipment at our hosted location.
• Management Only: For businesses with existing SSL VPN appliances already in place, MegaPath provides management services leveraging your own equipment.

Multiple Access Methods

MegaPath's Managed SSL VPN features three access methods. All or some of these can be made available to different types of users automatically. By offering a transparent remote access experience and access methods to handle all possible scenarios, MegaPath's Managed SSL VPN gives you the best of both worlds: ease-of-use and complete control over access authorization and security.

Click to Enlarge

Users can access the network via one of these methods:

• Web Connect "Clientless": MegaPath offers secure access to internal Web applications and file servers using a standard browser. This is well-suited for clientless remote access from kiosks and other untrusted access points and for business partners who need secure access to a defined set of Web resources.
• Desktop Connect "Clientless": The Desktop Connect “Clientless” experience is designed for users who need clientless access to any corporate resource.  Along with Web-based applications, this includes access to a broad range of thin-client applications such as Citrix, corporate file shares, and to client/server applications such as Microsoft Exchange, SAP, and Lotus Notes. Desktop Connect “Clientless” works just like our browser-based service, only we automatically install a Java or Active-X agent without any manual downloads or extra steps by the user. It is perfect for users accessing the network from machines that aren't managed by the IT organization - for example, users accessing the network from their home PCs, or anyplace where a “Clientless” VPN makes more sense.
• Desktop Connect “In-Office”: The Desktop Connect “In-Office” experience provides authorized users with secure access to any resources on the corporate LAN. While it does require an initial download, the Desktop Connect “In-Office” service is not a traditional VPN client - it provides the "in-office" experience with an even higher level of transparency and simplicity for users, so they gain unlimited mobility and complete integration with the Windows desktop. It is ideal for situations where users need full application access and IT wants to support secure access with strong desktop security, including split tunneling control and personal firewall detection. The common use case is corporate laptops.
• Handheld Connect: Handheld Connect provides a Web-delivered client for Windows Mobile 2003 handheld devices enabling broad access to client/server and web-based applications for an “In-Office” experience.  Available on Corporate Access SSL - Dedicated service plan.

Access Control for Every User and Device

For the Dedicated service plan, MegaPath works with you to define your access control policies for each group of users and the devices they're using to access the network. These policy zones are determined by the relative security risk of each specific device. Those devices that are controlled by your IT department are more trusted than public devices. A user accessing the network through a company-issued laptop, for example, would have more applications and resources available to them than a user accessing the network from a kiosk at the airport.

These access control policies, combined with end point control, determine which policy zone a user is placed in each time they access the network. Policy zones can contain multiple user and device profiles, allowing a single zone to reflect multiple end point scenarios.

Click to Enlarge

Access is classified into three zones:

• Trusted: Devices that are issued and managed by your company would fall into this category. With a user name and password, a user can access all their applications on the network.
• Semi-trusted: Devices that are known and secure, like a home office or a partner site, but which aren't directly managed by your IT department.
• Non-trusted: Public devices like Internet kiosks in an airport or hotel business office.

The zone determines the access environment a user experiences. An employee who takes their laptop home with them and uses it to access the Corporate LAN may have access to a wide range of applications, for example a CRM system or database. If that same employee connects from their home computer, which doesn't have a firewall, they may only have access to their email or dashboards.