NSP Security Features

SSL VPN Security: AEP Networks

The FIPS-approved, ICSA Labs and VPNC-certified NSP has been designed to allow you to gain the efficiency and financial rewards brought by simple, timely remote access, while your business-critical resources remain safe from risks.

Protecting Your Network Resources

Protection of internal network resources with the NSP begins with the browser-embedded SSL (secure sockets layer) protocol for encryption, site authentication, and session integrity.

Once a secure connection is established, the NSP offers increased protection to the network in a variety of ways:

NSP Security at a Glance:

Application Layer Proxy protection - Security at the network's edge

Dynamic enforcement of authentication and rule-based policies to define granular user/group privileges

Session timeouts and optional forced re-authentication

Client Side Certificates with revocation lists

Stateful Packet Inspection Firewall (SPI) built-in

Client Integrity: Secure Desktop, Host Integrity Verification and Adaptive Policies
(by V-Realm)

Broad authentication leverages all leading protocols (Windows® SMB/Active Directory, LDAP, RADIUS®, RSA SecurID®, Kerberos, VASCO®, Aladdin®, ActivCard®)

Endpoint Security – Enforcing Corporate Policy

Ensuring the integrity of a remote machines - particular when access occurs from non-corporate controlled PCs - forms a vital plank of any security strategy. That's why the NSP offers flexible, built-in endpoint security tools designed to enforce corporate policy and eliminate threats, while safeguarding mission-critical information.

AEP Netilla Client Integrity Options
Feature:	Description:	Benefit:
Host Integrity Checking	Validates the presence and version of antivirus software, personal firewalls, service packs, patch levels, and custom objects	Ensures compliancy with corporate policy
Adaptive Policies	Checks pre-defined end-station parameters; for example, registry entries or IP address	Confirms the identity and location of remote devices
Netilla Secure Desktop	Creates encrypted virtual workspace and performs DoD wipe at session end.	Prevents digital leakage and ensures the confidentiality of corporate information
Cache Cleaning	Deletes all traces of session data; for example, browser history or cookies	Removes the danger of sensitive data being left behind at remote locations

Application Layer Proxy: Maximum Network Protection

The NSP is able to deliver its rich set of application access modes by functioning as an “Application Layer Proxy”. Application-layer proxies protect internal data from direct exposure to the Internet in two important ways. First, web and application servers are never directly “touched” by remote users. Access is only through a “proxy” – the NSP itself – that terminates and translates application protocols before they are allowed to reach the internal network.

Second, an application-layer proxy boosts security by applying authentication and policy before allowing connections to application servers. Because termination occurs at the NSP, security can be applied before data requests are transmitted to private network application servers.

This powerful story means that an organization can extend applications to remote users over the Internet without having to place application servers in a publicly accessible area. Placing application servers in such a “Demilitarized Zone” (DMZ) would require much hardening to lock down and protect. Instead, with the NSP, application servers can remain safe on the private network behind the firewall, and are never exposed to the public network.

For more information about the NSP's security features, visit our Security Certification section, try an Online Demo, or visit our Documentation page.