Aventail Announces End-Point Control to Secure Remote Access Based on a User’s Environment, Identity, and Level of Risk

September 17, 2003 – Aventail Corporation, the leading provider of SSL VPN appliances and services, today announced End-Point Controlâ„? (EPC) to increase the security of remote access from the riskiest end-points on the Internet. Backed by partnerships with the industry’s leading end-point enforcement vendors, Aventail’s new EPC initiative helps organizations manage and protect anywhere access to critical network resources from airport kiosks, wireless hot spots, employee-owned PCs, and PDAs. Aventail is delivering EPC with world-class policy enforcement partners, including Bluefire Security Technologies, Foundstone, iPass (Nasdaq:IPAS), Swivel, Sygate Technologies, WholeSecurity and Zone Labs.. With EPC, the Aventail® EX-1500 SSL VPN appliance leads the way in helping organizations control remote access policy not just based on a user’s identity, but also on their environment and level of risk.

“With the increasing use of public network services, the mobile workforce, contractor access, and even malware making its way into internal networks, DuPont believes that the client system must be able to protect itself in any network environment while securely connecting to company applications,” said John M. Davis, Technology Architect, Corporate IT Architecture, DuPont. “Reaching this goal requires cooperative enforcement and provisioning services from end-point software including security auditing, personal firewall, antivirus, and the Aventail SSL VPN. Aventail has a proven track record in DuPont for enforcing one-time password authentication and trouble-free connectivity from any source network.”

“Today, corporations either attempt —without success—to ban mobile and wireless access to corporate assets, or they accept a high degree of risk in return for providing greater flexibility and productivity to their employees,” said Chris Shipley, executive producer of the DEMO Conferences for IDG Executive Forums. “With End Point Control, Aventail and its partners are addressing this challenge by increasing the range of end-points from which users can securely access corporate resources. Additionally, EPC adds teeth to the policies that IT can’t enforce today, like prohibiting users from accessing the network from wireless devices that don’t have a personal firewall. This gives IT the comfort they need to deliver on the promise of secure, anywhere access for the mobile workforce.”

In the past, remote access was only available to users on corporate laptops with traditional VPNs, which require the management of complex clients. With the adoption of SSL VPN technology, executives, employees, partners, and customers have come to expect anywhere access to more network resources. This includes unprecedented access to Web and client server applications from any device with a Web browser. In most cases, such as employee PCs or mobile PDAs, this access has immediate benefits for users. In others, such as airport kiosks, IT is faced with a choice of whether or not the risks of access outweigh the benefits. With the introduction of EPC, Aventail eliminates these risks by controlling access privileges based on the user’s specific level of risk—who they are, where they are, and what device they are using— in order to determine what steps can be taken to protect them. This allows IT to enforce security and extend anywhere access without the risks of the Internet’s worst-case security scenarios.

“In order for us to provide flexible secure access to users and partners, it’s critical that we can control where users are accessing systems from,” said Bruce Lee, CIO with BNP Paribas Americas. “Aventail’s End Point Control strategy will enable us to further take advantage of the convenience of SSL VPN access with more control over policy and security. That’s the kind of innovation we’re looking for from a remote access partner.”

“The growing sophistication of mobile devices and access methods has presented IT departments with both a tremendous opportunity and challenge,” said Sarah Daniels, Aventail’s vice president of product management and marketing. “While remote access is a must for business productivity, for it to work, organizations must be able to define access policies in order to secure and protect network resources. With End Point Control, Aventail delivers the power to do this with a highly sophisticated policy model for managing remote access risks.”

How Does it Work
Aventail’s partners enforce policies for firewalls, intrusion detection, virus protection and other client-side security issues, while Aventail encrypts and authorizes access to all corporate resources with access control policies based on both the user’s identity and the security of the user’s environment. Today Aventail delivers End Point Control through source-based access policy rules, control over split tunneling, strong authentication support, automatic detection of desktop security applications, cache protection, AutoCompletion blocking, user authorization, and crypto level access control. This allows Aventail to first detect the individual and their environment, then to secure that environment, and finally to deliver the right level of authorized access to that user.

End Point Control leverages Aventail’s flexible, object-based policy model, which includes a single, centralized location for all access policies. Aventail is committed to delivering new ways to detect users and their environment, and address their risks. The company’s product roadmap includes plans for even deeper integration with partners, stronger policy-based support, and increased control over end point activity.

Sarah Daniels from Aventail continued, “EPC reinforces our commitment to meeting the demands of our growing customer base with SSL VPN solutions that address real-world remote access and security needs. We are dedicated to developing the most comprehensive SSL VPN solution for remote access by joining forces with world-class partners, many of whom are already a valuable part of our customers’ infrastructure.”

About DEMOmobile 2003
The annual DEMO and DEMOmobile conferences focus on emerging technologies and new products, which are hand-selected by executive producer Chris Shipley from across the spectrum of the personal technology marketplace. Top executives from the leading hardware and software technology companies, venture capitalists, journalists from key industry publications and industry analysts attend the DEMO and DEMOmobile conferences to preview the most promising products and technologies for the coming year. DEMO is held in February each year and features approximately 60 new companies, products and technologies. DEMOmobile is held each fall and features approximately 35 new mobile technologies. For more information, visit http://www.idgef.com/.

About Aventail
Aventail, the recognized SSL VPN leader, is changing the way organizations define secure remote access. The company’s clientless SSL VPN appliances and services provide employees and business partners with transparent, anywhere access to any application from any Internet-enabled device.

Aventail has received numerous awards and accolades from the industry’s top publications and analyst firms. These include recognition as a leader in both the 2003 Gartner SSL VPN and Managed Remote Access Magic Quadrants; recognition as one of the top 10 security companies in Computer Business Review, Computerworld’s 100 Emerging Companies; winner of InfoWorld’s Hot Product, Network Magazine’s Product of the Year award, Giga Information Group’s Emerging Technology Scene – Best Overall Network Product, and the Crossroads A-List Award. Half a million users and 500 global organizations have purchased Aventail’s SSL VPN solutions, making Aventail the most widely deployed and proven SSL VPN on the planet. Aventail’s customers include industry leaders such as Aetna, Cerner Corporation, DuPont, Ernst & Young Global LLP, FMC, IBM Global Services, and Mount Sinai NYU.

For more information on Aventail, visit www.aventail.com.