Neoteris Expands Into Extranet and Intranet Security Markets With New Access Management Capabilities

Company Targets New Markets and Expanded Customer Applications

SUNNYVALE, Calif. – Sept. 30, 2003 – Neoteris*, Inc., the leading Application Security Gateway vendor with more than 550 enterprise customers and one million users worldwide, today announced the availability of new functionality enabled in its 3.3 Version of the Instant Virtual Extranet (IVE) platform, with the broadened product capabilities to specifically secure the deployment of corporate extranets and intranets. With the integration of enhanced access management capabilities and unique new security features, Neoteris now expands its addressable markets well beyond the traditional employee remote access security market. New features available in the Neoteris Access Series(tm) and Meeting Series(tm) product families include forms and header-based Web single sign-on (SSO), password management integration, client cache cleaner, advanced client host checking agent, among other features.

The advent of the Internet, and more specifically corporate extranets and intranets, has enabled information to be more readily shared across corporations, organizations, and departments with the simplicity of a Web browser. With this ubiquity of access, however, better controls are needed to protect enterprises from network vulnerabilities and security concerns. Similarly, enterprises need to ensure that the user experience and productivity are optimized, while also minimizing the security policy administration overhead associated with managing these increasingly large and diverse user populations. Neoteris has leveraged its patent-pending application-aware content intermediation technology to leapfrog traditional network-layer solutions. By integrating traditional access management and security enforcement capabilities with content aware access, Neoteris is uniquely able to deliver security and SSL-based access in a single appliance.

“Offering access management capabilities is the next logical step for leading SSL VPN providers – and is key to them maintaining competitive differentiation,” said Mark Bouchard, senior program director at META Group. “Enterprises are moving to deploy broader access to more diverse user populations to enable their employees, partners and customers to be more productive and efficient in their operations. To support these initiatives, they require advanced management and security capabilities that enable them to enforce granular policy controls across applications and provide better end-to-end security.”

With the move toward more traditional partner extranet markets, Neoteris has addressed the end-point security and data confidentiality challenges presented by non-employee users accessing from unmanaged computers and networks. Neoteris has introduced the Cache Cleaner feature to wipe out upon session completion any corporate data that might have been downloaded by the user. Similarly, Neoteris has advanced its client policy enforcement features in its Host Checker to detect the presence of good or bad processes, such as Trojan horses and worms, running on the remote device. Lastly, Neoteris’ Data Trap feature ensures that the transmission of corporate Web content is protected by trapping all sensitive information, such as cookies and headers, on the inside of the network, as well as presenting all HTML in a non-cacheable format to ensure that no trace of the user’s Web session is left behind after session timeout. Each of these features is a critical component of Neoteris’ layered security architecture. Together, they provide multiple protection points rather than relying on a single feature to ensure security.

Only the Neoteris IVE-based platform solutions can provide security over the entire life cycle of remote access sessions in a single system. The Neoteris IVE-based platform integrates existing AAA infrastructure, and further provides:

* Host Checker-to deliver client-side host validation;
* Data Trap-to trap outbound meta-data, including cookies and headers;
* Cache Cleaner-to clean client-side cache of sensitive information;
* Web Single Sign-on-to implement forms- and header-based SSO; and
* Password Management Integration-to enable interoperability with various authentication stores and servers.

In both the extranet and intranet security markets, a key success factor is the ability to implement self-service and enhanced user experience functionality. In order to minimize IT desktop support costs, enterprises must ensure that their users have the most efficient and secure experience possible. Toward that end, Neoteris has also implemented forms-based and headers-based single sign-on (SSO) capabilities so users no longer need to maintain and enter multiple various passwords at each step of the network, such as at the Access Series gateway and at various application servers that they need to access. Similarly, Neoteris has delivered password management policy integration to minimize the administration, renewal and synchronization of passwords for remote users. The password management feature enables interoperability with various brands of LDAP-based authentication stores, Microsoft Active Directory, and other authentication server technologies.

According to Gartner, Inc., (“Password Reset: Self-Service That You Will Love,” Roberta Witty, Kris Brittain), with an increasing number of applications supported by an enterprise, a typical internal user is required to maintain eight unique user IDs and associated passwords. Password reset represents a call volume range of 10 percent to 30 percent at the IT service desk. The reduction of password reset calls can translate to significant savings for the enterprise in terms of personnel productivity and IT support costs. In a non-automated support model, password reset costs range from $51 (best case) to $147 (worst case) for the labor alone, according to the report.

“The new IVE offerings are the first of a series of releases with sophisticated access management capabilities to increase our broadened market vision,” said Neoteris President and CEO Krishna “Kittu” Kolluri. “Our number one goal has been to provide truly ubiquitous Internet access for users to all network resources, and now with this latest IVE platform release, we can further extend clientless access via an appliance form-factor to extranet and intranet resources. This uniquely positions Neoteris to expand into new markets and tap into more customer business opportunities.”

Neoteris Access Series Product Family
The Neoteris Access Series provides enterprise-class secure access to network resources for remote employees, customers, and partners. Contrary to traditional access technologies, there is no client software to install because Neoteris leverages SSL for secure, controlled access to resources via any Web browser. The Access appliances also eliminate the need to secure or harden servers, or make changes to existing infrastructure. The result is a more cost effective, secure access solution that is easy for customers to deploy and simple for end-users to operate.

Neoteris Access appliances provide application-layer access, stringent access controls, and granular auditing and reporting capabilities to further minimize IT headaches and security concerns. Additionally, the IVE platform offers enterprise-class high availability and performance scalability options, so secure access can be deployed on a wide scale without worrying about user downtime, lost productivity or network performance. Neoteris IVE appliances have passed rigorous security audits by TruSecure Corporation, Cryptography Research, Inc., and security and forensic computing expert Dan Farmer. The products have also won numerous awards as an innovative and compelling access solution, helping enterprises and schools increase efficiency and productivity.

The Neoteris Meeting Series Product Family
The Neoteris Meeting Series is the industry’s first secure cross-enterprise meeting appliance. Built upon the award-winning IVE platform, the Meeting Series enables enterprises to leverage their IT infrastructure to deploy secure, real-time collaboration at a fraction of the cost of alternative solutions. The Meeting Series does not require software deployments or a custom extranet, and it instantly secures cross-enterprise online meetings, protecting enterprises from data exposure, AAA policy violations, system compromises, and network penetration, all while reducing the cost of cross-enterprise collaboration.

About Neoteris
Neoteris, Inc. is the market leader in the Application Security Gateway and SSL VPN product categories, with more than 550 enterprise customers and one million users worldwide. With its Instant Virtual Extranet platform, Neoteris delivers innovative, best-of-breed security products, including the award-winning Neoteris Access Series and the Neoteris Meeting Series security appliances. Founded in May 2000, Neoteris is a privately held company backed by Jim Clark, The Barksdale Group, New Enterprise Associates, Battery Ventures, and individual investors. The company is headquartered in Sunnyvale, Calif., and has international offices in Japan, Korea, London, Frankfurt, and Hyderabad, India. Go to <> for more information.