Endpoint Security

The primary driving factor for wide adoption of SSL VPNs is ubiquitous secure access from any device without any pre-requisites. However this opens up a new challenge for organizations as unknown and unmanaged devices including potentially harmful devices can connect to the corporate network. Moreover compliance becomes a challenge as it becomes impossible to enforce corporate policies to end users. Next generation SSL VPNs like Propalms VPN bring strong device profiling features that measure and calibrate each endpoint connecting to VPN against the corporate policies. Propalms VPN provides a flexible policy framework for administrators to keep the corporate network safe from unclean devices by either keeping such devices out of network, restricting them to a part of network or remediate them to be able to access network services.
As part of device profiling, Propalms VPN can check for status of endpoint security software like antivirus, firewall and anti-spyware, OS and software updates and compliance to endpoint configurations. An intelligent cache wiper can clean the files and cache stored on the local hard disk by browsers or by users, whether residing in temporary folders or any of the drives.


Propalms VPN - Endpoint Security

Although SSL VPNs provide broader access capability which clearly enhances productivity, it also inherently widens network exposure to uncontrolled environments.
For Example: If a remote client machine is infected with virus/worms/Trojans/spy-wares, this un-wanted traffic is also sent to private network over secured connection. To effectively control these risks, it is no longer enough to manage access by user identity alone. The safety of the user's end point environment must also be ensured by enforcing access policies based upon solid end point protection.
Propalms VPN Administrators can create 3 types of product policies:

  • Antivirus
  • Antispyware
  • Firewall
Thus ensuring the most recent versions are installed and active on the user's device before they can connect to the network. Further to this, Administrator's can create Endpoint Zones which override Application Groups limiting access to applications based on the result of the user's device profile from the Endpoint scan. For example, a 'Quarantine' Zone can be set to provide minimal access for non-compliant devices connecting to the VPN.

VPN access can be further secured by enforcing MAC address and IP address policies on the VPN gateway. The administrator can define a list of allowed or blocked addresses that are checked when the device scan occurs.


Download Software
Online Demonstrations
Microsoft Certified Gold PartnerVMware Technology Alliance Partner HP Developer & Solution PartnerIntel Software Partner