Permeo Serves To End Remote-Access Woes

Remote access tends to be the biggest headache for solution providers, where ease of use and effective protection must be combined—traditionally a complicated endeavor. Permeo Technologies aims to simplify the remote-access conundrum, while offering bulletproof security. Permeo&'s Base5 product is geared toward providing application security by deploying a secure client—similar to a VPN—that requires little user intervention and extends security to remote users via policies.

Base5 is offered as a “soft appliance,” a moniker that defines Base5 as a software product that is engineered to be installed on a dedicated system (hence, an appliance). While most appliance-based products are proprietary, Base5 takes a different approach. The software supports an impressive list of generic hardware, giving solution providers the latitude to build customized appliances.

Installing Base5 is a snap. The product comes on a self-booting CD and deploys automatically to the selected hardware. CRN Test Center engineers installed Base5 on a basic Compaq DL320 server and encountered no problems. Interestingly, engineers were able to install the software into a virtual session using Microsoft Virtual Server. Although that configuration is not recommended, the ability to use the product in a virtual environment could eliminate the need for an appliance altogether. Base5 is built on a Linux Kernel and offers configuration and management options via a browser-based console. During the product installation, installers will use an initial setup wizard to assign IP addresses and basic networking configurations. After that, configuration chores will take place on another system using a browser. A quick-start wizard is launched upon first access to Base5, which allows installers to quickly set up user accounts, groups and policies.

The design of Base5 doesn&'t end with just secure access. The product also offers endpoint security. In other words, all endpoints—remote PCs, servers and handhelds—are protected from threats. Once a user authenticates to Base5, the local Base5 client sets up a secure SSL connection and then validates the remote system, checking for key loggers, viruses, applicable patches and so on. If the remote unit fails any of the defined policies for access, it is denied entry into the network.

Policies can be defined for individual applications and target servers, a capability that allows access to be based upon a user&'s rights, groups and other policy elements. For example, certain users may only have remote-access rights to a Microsoft Exchange Server, while others may be able to run some applications beyond that.

Although the device is secure enough to live in a DMZ, the Base5 appliance typically will be placed at the edge of the network but still behind a corporate firewall. All remote-access requests will be directed to the Base5 system, which then acts as a proxy/gateway for external clients.

Base5 provides SSL, SOCKS and HTTP reverse proxy to keep client access secure. All login and connector rules are stored on the Base5 appliance, which is also responsible for pushing out the client piece of the package (referred to as the connector). All of the security magic happens when the connector authenticates to the Base5 appliance. Once the session ends, the connector is removed from the remote PC, which allows users to access corporate resources on a temporary basis from guest systems. Rules are used to control logins, connector access and redirection to each of their appropriate resources. Applications can be setup in groups to further simplify administration of Base5. Speaking of administration, which is another area solution providers will find quite easy to master, all management screens are concise and offer intuitive text to define policies. The consoles dashboard offers a quick look at connections and activity, making remote management of the unit a relatively easy task.

Permeo&'s Base5 offers a simple solution to a complex problem, and solution providers will be well served by the unit&'s ease of deployment and quick-start capabilities. Permeo also brings simplicity to its channel program. The company&'s two-tier partner program offers varying margins ranging from 20 percent to 35 percent. Tier-one partners are aptly called Permeo Approved Partners, while tier-two partners are referred to as Permeo Premier Partners.

Approved Partners are entitled to pre- and post-sales support, no-charge demonstration license, Permeo Partner Portal access, Partner logo on Permeo Web site and training (fee for on-site). Premier Partners also earn market development funds and one day per year of training at no charge. On-site training typically runs $1,500 per day. Partners will need to meet minimum yearly sales levels. The company distributes software directly to partners, eschewing the traditional distribution network. Solution providers can reap additional margins based upon services provided.