Chris Hastings had a problem. The manager of network security at Nashville’s Vanderbilt University Medical Center had installed a VPN (virtual private network) on the hospital’s 13,000 node network – two Cisco 3030 concentrators – that about 400 doctors, nurses and IT professionals used to remotely access and manage production medical systems such as patient records databases. The trouble was, the VPN was ill-suited – and overkill – for the remaining 8,500 employees, most of who just needed access to data – files on their office desktops or a file server, so they could work from home or while on the road.
Worse, many of the medical professionals granted VPN access were overwhelmed. “I’d explain, download the VPN client onto your machine, then come through and authenticate. But they’d ask, ‘What number do I have to dial?’ and ‘What do you mean by ISP?’ ” Hastings says.
NetSilica Inc. offered Hastings not an alternative to Vanderbilt’s VPN, but a complement. The New Jersey start-up recently began beta-testing its SSL-based Enterprise Peer Network (EPN) software, which allows users to access data on any designated source via a Web browser. The EPN server software resides on a dedicated network server; client software is installed on each of the target data sources, typically a user’s PC or file server. NetSilica claims its software is more secure than other SSL-based remote access products such as Neoteris or ExpertCity’s GoToMyPC.
But as Vanderbilt’s network security manager, Hastings needed to know exactly how the product worked before he’d trust his network data to it. “At first, NetSilica just told us the client software doesn’t introduce any vulnerability. But that was pretty hard to swallow,” he says. “We weren’t comfortable using it until they explained how it worked. And still, they wouldn’t tell us until we promised not to reveal it.”
Since the core technology is proprietary, David Haines, vice-president of strategy and development, won’t publicly say more than: “NetSilica uses a unique process that protects the network from incoming communications from any outside source.”
Even after Haines told Hastings how NetSilica worked, Hastings scanned all the machines on which they installed the client. “We had to make sure what they were saying was exactly right,” he says. “And yes, the transmissions are secured.” The software also includes logging and auditing features that allow Hastings to know who logs in when, where and to access what data source.
After six weeks of trial use with 50 users, Hastings says he’s satisfied, adding, “We could set up 1,000 to 1,500 users very quickly, and grow at a steady rate. It’s in the budget.”
Users find the set up relatively easy. Hastings gives them the IP (Internet Protocol) address of the EPN server, they log on from the machine they want to access remotely, authenticate with Active Directory, click on the software link on the Web page, download the client, select the files and folders they want to remotely access, choose a unique machine name, then authenticate again. To access files, users access the Web site on the server, authenticate, highlight the files they want to access and click the “get” button. When they select a target destination for the files, they click the “put” button. If several files are highlighted, the program automatically launches WinZip and compress the files before transport. The EPN also lets users share specific files with team members on their data source.
The EPN server and client software run on any Unix and Windows platform. Additional modules integrate with Microsoft Outlook and Exchange, Active Directory, LDAP and RADIUS servers, as well as authentication schemes such as SecureID and digital certificates. A wireless extension lets you access data from any wireless device.
EPN is typically sold per license to large companies and as a hosted service for smaller ones. A 500-user company can expect to pay about US$50,000, depending on additional modules, plus 20 per cent annually for maintenance and support. Hosted services cost US$13 to US$15 per user, per month.