F5 Networks Inc. (Nasdaq: FFIV) is scheduled to unveil enhancements to two of its SSL VPN products today -- its FirePass 1000 and 4000 models.
The first and most important enhancement aims to prevent remote users with potential security problems, such as inadequate virus protection, from gaining full access to the corporate network. The FirePass conducts "client integrity checking" to see whether a remote user's client has an effective security policy. If it doesn't but it passes a more basic security check, the administrator can restrict access to a "quarantine network.""This is good news for users: It will increase people's level of confidence in rolling out SSL VPNs," says Jeff Wilson, principal analyst of Infonetics Research Inc.
Other vendors have also been busy in this area. F5s competitor, Aventail Corp.,
also offers a client security check on its EX 1500 offering, although the company does not provide a specific quarantine network. Instead, users that have failed the check can be emailed information about security upgrades.
Juniper Networks Inc. (Nasdaq: JNPR), together with NetScreen Technologies Inc. (Nasdaq: NSCN), offers "host checker control" on its Secure Access Series of products to verify client security. It also provides a feature called "dynamic access privilege management," which allows a network administrator to dictate which resources a user can see after the host-check.
The second enhancement of F5's FirePass products widens its potential market by enabling Macintosh and Linux clients to handle any IP application. In contrast, Aventail and Juniper/Netscreens equivalent offerings targeting Macintosh and Linux clients can only handle applications using TCP connections.