Symantec To Roll Out Clientless SSL VPN Gateway

The VPN, which will be available in two models, will be sold via VARs, distributors and systems integrators, said Howard Lev, group product manager, Symantec, Cupertino, Calif.

Client software does not have to be installed on end-user devices since users gain remote access to non-Web and Web-enabled applications through SSL technology built into Web browsers.

"SSL technology provides the same degree of security and authentication as IPsec-based VPNs do. The user only needs access to a browser to gain access to any PC or Web-enable devices, a wireless PDA, Windows 2003 mobile-based devices or Palm-based devices," Lev said.

Another benefit is lower cost and reduced administration since clients do not have to be configured or managed, he said.

The Clientless SSL VPN Gateway uses the same encryption technology used by banks for online banking.

The offering grew out of technology Symantec inherited through the acquisition of SafeWeb in October. Symantec has made some improvements to SafeWeb's software including a new intuitive point-and-click user interface, adding some code and porting the technology to Symantec's hardware, said Lev.

Over time, the company plans to integrate the Clientless SSL VPN Gateway with Symantec's Gateway Security appliance introduced in September 2003.

The integrated appliance will have both SSL and IPsec-based access methods, and the appliance includes firewall, antivirus, content-filtering, and intrusion-detection and -prevention options.

For now, the Clientless SSL VPN Gateway comes in two flavors. The 4420 is designed for up to 350 concurrent sessions, while the 4460 supports up to about 1,000 concurrent sessions. The 4460's may also be clustered together to support from 2,000 to 3,000 concurrent sessions, said Lev.

The base price for the Clientless SSL VPN Gateway is $9,945 and includes one year of phone support, advanced replacement and upgrade insurance, said the company.