Sygate Technologies, the leading provider of Network Access Control solutions and Aruba Networks, a pioneer of next-generation enterprise mobility systems, today announced the development of the industry's first integrated on-demand security system for mobile enterprise users and devices.
The joint development is part of a strategic partnership under which Aruba is licensing and integrating the popular Sygate On-Demand(tm) Agent (SODA) directly into ArubaOS, the operating system and suite of application software that controls Aruba's centralised mobility systems. The joint solution is available immediately as part of a new ArubaOS Client Integrity Module (see related release).
According to Gartner Group, users increasingly want access from unmanaged systems for which a full personal firewall can't be installed or assumed to be working. Consequently, on-demand security is quickly becoming a key issue for corporations everywhere.
On-Demand Security for the Mobile Enterprise
The first on-demand network security system of its kind, the Aruba/Sygate solution, lets corporations automatically protect the enterprise against potentially harmful client devices that connect through the wired and wireless access networks. Enterprises can now ensure that unmanaged devices accessing the enterprise network meet pre-defined security policies to ensure safe operation across the network without having to install and configure software on every end station.
"Mobile access is literally redefining how corporate networks are managed and secured," said Aaron Vance, senior wireless LAN analyst at Synergy Research. "Companies want to provide mobility as much as people want to be mobile but by doing this they are faced with the new problem of how to best protect their network against devices over which they have no control. By integrating on-demand security directly into the mobility LAN system, Aruba and Sygate have intelligently turned end-point integrity into a seamless and automated service that can be easily enabled instead of yet another system that must be deployed, integrated and managed."
Guests such as consultants, contractors, and vendors connect to corporate networks every day through the corporate network to gain access to the Internet, applications and data. When a guest computer is compromised by malicious code, that computer can infect other systems on the network, capture confidential data, and/or cause a denial of service.
In addition to scanning guest devices, the Aruba system can also be configured to detect "un-trusted" clients such as personal laptops of employees and use the On-Demand solution to verify compliance on these devices before allowing them access to the network.
Sygate's On-Demand protection ensures compliance with security policies to prevent unauthorised data transfer and protect confidential information by working with Aruba's mobility controllers to automatically enforce integrity checks that are performed on suspect clients.
"It's no longer an option to provide secure wireless access," said Gabriel Snook, IT manager at Sharp Healthcare. "While wireless standards address authentication and encryption there is still no way to know the integrity of mobile device itself or the ability to control them. Aruba and Sygate have solved this problem. Now mobile devices can be automatically screened in a very non-disruptive and seamless manner."
Network managers can now easily define criteria for client integrity, such as the presence of specific versions of anti-virus software, scanning for malicious code or programs such as keystroke loggers, and the appropriate system-level software. These criteria are contained in the on-demand agent (applet) that resides in the WLAN controller and is automatically downloaded to the unmanaged endpoints when network access is requested.
As unmanaged devices access the WLAN, Aruba's mobility controllers automatically download a temporary and non-intrusive SODA applet that automatically checks the integrity of the system. Upon passing integrity checks, the user is then automatically placed into a specific role with the requisite access privileges. If the device fails the checks, the user is placed into a "remediation" role that limits network access.
Aruba mobility controllers ensure compliance with security policies, prevent unauthorised data transfer, and protect confidential information on both corporate system and unmanaged guest devices that may connect to an enterprise network.
"Enterprises are desperately seeking to provide secure access on their wireless networks to devices they can't be sure are safe," said Keerti Melkote, co-founder and vice president of Product Management from Aruba. "By integrating Sygate's technology directly into our mobility controllers, IT staff now have a simple and elegant way to automatically detect client misconfigurations and remediate client devices for operation on the enterprise network."
Administrators can also enforce a virtual desktop environment that prohibits unmanaged devices from running unsafe applications on the corporate network. The virtual desktop environment also prevents users from permanently storing sensitive data on system after disconnecting from the network.
Sygate On-Demand is the only solution that completely prevents the
compromise of enterprise assets such as company financials, customer
information, and intellectual property caused by unprotected network
access through wireless LANs. Sygate recently released SYGATE On-Demand
version 2.5 with new modules including Malicious Code Prevention and
Connection Control and enhancements to the Host Integrity module. Sygate has sold more than a half-million versions of the original SYGATE On-Demand product.
"The concept of delivering On-Demand security capabilities such as
Virtual Desktop, malicious code prevention, and host integrity on
unmanaged devices through Sygate On-Demand has found tremendous
acceptance with our enterprise customers," said John De Santis, Sygate
CEO. "We are thrilled to offer Sygate On-Demand 2.5 as part of Aruba's
acclaimed mobility system. This will extend our concept of Compliance on Contact(tm) to the growing number of Aruba customers throughout the