Array Networks Secure Technology Solutions
AVX Series virtualized appliances provide the best of both worlds – the agility of cloud and virtualization with the performance of dedicated appliances.
Available as physical or virtual appliances, Array ADCs are designed to meet technical requirements while remaining simple enough for any size IT team and affordable enough for any size business.
Available in a range of purpose-built appliances or as a virtual appliance for cloud and virtualized environments - ideal for enterprises that need to support multiple communities of interest as well as service providers that need to provide remote access to globally dispersed data centers.
Anytime, Anywhere Secure Remote Access to Business Applications
In today’s business environment, different business units, project groups, partners, contractors and guests all require secure remote access. What’s more, they require different levels of remote access and often require a user experience tailored to their unique requirements. Most VPNs fall short of these requirements, and suffer from IT's reluctance to issue managed devices to every employee, partner and contractor.
In contrast, Array secure remote access solutions provide greater levels of security, a greater range of access methods, a broader range of device support and the ability to provide differentiated, identity-based access tailored to the needs of multiple communities of interest.
Benefits of Array Secure Remote Access
Minimize Attack Vectors
Reduce the number of network entry points for malicious activity by consolidating secure remote and mobile access onto a single, scalable gateway.
Limit network exposure and establish accountability by selectively enabling Web, remote desktop, application-specific or network-level access with end-to-end security and reporting.
Achieve and demonstrate a higher-degree of compliance with policies defined once for all users, and applied consistently from a single secure access platform.
Fully partitioned and customizable virtual portals drive increased productivity by supporting the unique needs of employees, partners, guests and customers.
Mobilize Your Business
Enable secure access from enterprise-owned managed devices, as well as unmanaged personal devices, including a range of laptops, PCs, and next-generation tablets and smart phones.
Unlike legacy VPNs that require clients on remote devices, SSL VPNs need only a common Web browser to access productivity-enhancing files and business applications. Ubiquitous SSL and comprehensive security means employees, partners, contractors and guests can utilize any device – personal, public or managed - to gain access to authorized corporate resources. Administrators may configure Web access, network-level access or access to specific client-server or thin client applications, and may configure varying degrees of access based on device type, location, security posture and roles within the organization.
Array secure remote access solutions provide security for data at rest and data in motion. Host-checking and end-point security scan the health and posture of remote devices before and after granting access, actively adapting policies based on IT-defined parameters to prevent data leakage. 2048-bit encryption and comprehensive AAA protect data in transit, ensure that only authenticated users have access to authorized resources and provide detailed audit reports for compliance and accountability. Moreover, integrated SSL VPN firewall capability and a reverse-proxy architecture provide additional layers of separation and protection between remote devices and the corporate network.
Virtualization & Segmentation
To meet the secure remote access and security requirements of multiple business units, partners, contractors and guests, Array solutions support up 256 virtual secure remote access portals on a single system. Every virtual portal is fully separate and may be associated with fully segmented networks on the back end, ensuring total security for each community of interest. Virtual portals may also have their own resources and look and feel and be configured and managed independently.
Performance & Scalability
Applications run fast in the office, but delivering them over the Internet is a different story. Array secure remote access solutions boast the lowest possible latency for delivering files and applications to mobile users anytime, anywhere. Multiple acceleration technologies and a scalable, 64-bit multi-core architecture combine to effortlessly support from hundreds to tens of thousands of concurrent users on a single system while maintaining a premium, productivity-enhancing end-user experience.
Enterprise-Wide Remote Desktop Access
Mitigating risks associated with business continuity events and realizing gains through higher employee productivity are driving increased demand for remote desktop access. While traditional VPNs are well suited for giving remote access to employees with managed laptops, they are not as adept at supporting office workers who are issued desktop PCs, terminals, workstations or virtual desktops.
Array’s remote desktop access solution leverages proven remote desktop protocol (RDP) and SSL technologies to allow workers to remotely connect to office PCs from any device, anywhere and at any time. No additional laptops, software or training are required; remote access can be cost-effectively scaled for as many workers as needed from a single appliance. What’s more, because data never leaves the network, security is assured.
Remote desktop protocol (RDP) solution that allows employees to work from anywhere, enabling them to be more productive before and after work and on weekends.
Intuitive remote desktop solution that eliminates the need for VPN-related expenses such as licenses, laptops, security software, bandwidth and training.
Contingency licenses provide cost-effective burst business continuity remote access to guard against losses caused by unanticipated PTO or natural disasters.
Eliminate Data Leakage
Proxy architecture and RDP over SSL allows applications to be used from anywhere without data leaving the corporate network.
Mitigate Business Disruptions
Business continuity events are not the time to purchase, deploy or activate remote access capability. Business continuity remote desktop access must seamlessly scale to support burst usage without IT intervention and without helpdesk support. Array’s remote desktop access solution scales to support thousands of users on a single system with zero IT intervention, ensures compliance is maintained during business continuity events and provides a seamless experience for first-time users. In addition, affordable contingency licenses provide a cost-effective means to support burst usage to accommodate additional users during an event.
Increase Worker Productivity
Increasing employee productivity goes hand-in-hand with maintaining and gaining a competitive advantage. Array’s remote desktop access solution securely and cost-effectively enables office workers to be productive before and after work and on weekends. In addition, it guards against productivity loss caused by unanticipated occurrences such as a sick child, home deliveries, repairs and car trouble. Empowering office employees to work anytime, anywhere, Array's remote desktop access solutions are an affordable solution for rapidly increasing business productivity and competitive advantage.
Secure Mobile Access to Enterprise Applications
The two largest challenges to enterprise mobility are security and availability of business-oriented native applications. Array’s secure mobile access solutions mobilize existing Windows and enterprise desktop applications and provide on-demand connections for native mobile applications in a manner that keeps data secure on the corporate network and limits exposure associated with network-level VPNs.
An Array gateway on the corporate network connects to laptops, desktop PCs, virtual desktops and terminal servers on the backend and proxies applications over an secure connection to an Array native app portal on tablets and smart phones.
Leveraging Array’s secure mobile access solution, sensitive data remains protected on the enterprise network and is accessible anytime, anywhere. In addition, for businesses using a range of technologies to host Windows applications, Array consolidates mobile access on a unified architecture to deliver consistent security policies, greater operational efficiency and a seamless end-user experience.
For secure connectivity to native mobile applications, application-level VPN connections can be enabled by way of integrating with Array APIs as a part of the application development process. Where integration is not an option, Array’s mobile client may be used to create secure on-demand connections that limit exposure associated with network-level VPNs.
Eliminate Data Leakage
Proxy architecture and RDP over SSL enable access to business applications from mobile devices without exposing the corporate network and without the risk of data leakage.
Streamline secure mobile access via a unified secure mobile access gateway for consistent policies, management efficiency and a single, seamless end-user experience.
Any App, Any Device
Deliver existing enterprise applications available on desktop PCs, laptops, virtual desktops and terminal servers to a secure mobile app on smart phones and tablets
Maintain security and compliance through application-level secure access to native apps that does not expose the corporate network.
Applications and resources residing on physical desktops are published to mobile devices in a manner that prevents sensitive business data from leaving the corporate network. Data leakage is prevented without the need for MDM solutions and automated self-provisioning and power management ease deployment and ensure applications are available when and where they are needed.
Applications and desktops residing on Microsoft Terminal Servers or virtualized VMware and Citrix infrastructure are published to mobile devices in a manner that prevents sensitive business data from leaving the corporate network. Data leakage is prevented without the need for MDM solutions and gateway consolidation improves security, operational efficiency and the user experience.
Native Mobile Applications
Array’s lightweight mobile API can be integrated with native mobile apps during development to create app-specific mobile VPNs. Connecting at the application level, personal tablets and smart phones are kept off the network and corporate data is exposed only to individual applications. Where development integration is not an option, Array’s mobile VPN may be used to provide on-demand encrypted connectivity for mobile devices in a manner that limits exposure associated with network-level VPNs.
Bring Your Own Device (BYOD) for Remote & Mobile Access
The consumerization of IT is in full swing. Workers want to be able to access to business applications from personal mobile devices. Array’s bring-your-own-device solution enables seamless mobilization of any enterprise application to any personal device. Moreover, Array’s BYOD solution provides a rapid, cost-effective path to mobility that limits exposure of the corporate network and fully eliminates data leakage.
Array's innovative, appliance-based remote desktop solution enables workers to use personal devices to control physical or virtual office desktops and applications from any location. Whether users are on their home PCs, on a laptop at a customer or partner site or on an iPhone, iPad or Android device, they can work just as if they were sitting in the office without the risk of data leaving the network.
The Array appliance is installed on the corporate network and integrates with existing identity management solutions to establish user credentials. Physical or virtual office desktops and applications are registered for remote and mobile access either by users or IT or automatically via a database.
To use a personal device to remotely control office desktops or applications, users need only a common Web browser or Array's free mobile app for smart phones and tablets. Users simply launch a browser or mobile app, log in and begin using their registered applications and desktops.
Any Device, Anywhere
Remote desktop enables workers to access their office PCs, laptops, virtual desktops and applications from any device, anywhere.
Freedom of Choice
Give workers freedom in selecting a mobile device for business with a free mobile app compatible with any iOS or Android version and platform.
Eliminate Data Leakage
Enable access to business applications from personal devices without exposing the corporate network and without the risk of data leakage, using proxy architecture and RDP over SSL.
Quickly and cost-effectively enable a BYOD strategy with a scalable appliance-based solution that is easy to deploy, manage and use.
Mobilize Any Application
Deliver any application on desktops, laptops, virtual desktops and terminal servers to a secure mobile app on smart phones and tablets to address the lack of native mobile applications for business.
Mobilize Any Application
While mobility and native enterprise applications are experiencing rapid growth, the majority of applications workers use every day to be productive are found on traditional Windows desktops and servers. Because physical or virtual application environments are provided to all employees, Array's solution can enable bring-your-own-device enterprise-wide, without the need for additional hardware, software or application licenses. When using personal PCs or laptops, the BYOD user experience is identical to being in the office. When using personal tablets or smart phones, the solution provides intuitive control over mouse, keyboard and other traditional Windows-specific functions.
Eliminate Data Leakage
The solution is enterprise owned and operated; unlike managed services, it is under full IT control and does not open the corporate network to third-parties. Connectivity from personal devices is encrypted over SSL and the Array appliance acts as a secure proxy, preventing personal devices from connecting directly to the corporate network. Because users remotely control office desktops and applications, data never leaves the corporate network, never exists on personal devices and never mixes with personal data – fully eliminating the potential for data leakage.
Use Any Personal Device
Though BYOD is in the limelight due to explosive growth in mobile computing, it is not limited to mobile devices; bring-your-own-device also includes access from home PCs and personal laptops. In addition to supporting iOS and Android mobile devices, the solution also supports remote desktop and application access from any Windows or MacOS computer. Deploying DesktopDirect, businesses gain a complete solution that enables mobile access, drives productivity and mitigates the effects of business disruptions, in addition to supporting freedom of choice for employees.
Repurchasing or redeveloping enterprise applications for every mobile platform and version is time and cost prohibitive, as is scaling virtualization to serve the needs of every employee. DesktopDirect is an ideal complement to existing native mobile app solutions and supports any mix physical or virtual desktops and applications. In this manner, existing infrastructure is maximized, the need for additional hardware and software is minimized and businesses can expand investments in native mobile apps and virtualization in an intelligent and cost-conscious manner. What’s more, the solution can be set up in as little as a few hours and can achieve ROI in the time it takes to deploy other solutions.
Multifactor Authentication for Multi-Layered Security
Array AG Series secure access gateways address challenges faced by enterprise, service provider and public sector organizations in providing secure remote and mobile access to applications and cloud services. Through interoperability with 3rd party dual and multi-factor authentication solutions, the AG Series adds an additional layer of defense against unauthorized access and misuse of data and applications.
Duo Security is a cloud-based access security provider protecting the world’s fastest-growing companies and thousands of organizations worldwide, including Zillow, Etsy, NASA, Facebook, Paramount Pictures, Random House, Toyota, Twitter, Yelp, TripAdvisor, The Men’s Wearhouse, Dresser-Rand Group, K-Swiss, SuddenLink, and more. Duo Security’s innovative and easy-to-use technology can be quickly deployed to protect users, data, and applications from breaches, credential theft and account takeover. Visit the Duo Security site at www.duosecurity.com.
SyferLock is a provider of next-generation token-less OTP authentication solutions. SyferLock offers an innovative software-based alternative to hard tokens, smart cards and other authentication solutions. SyferLock delivers two-factor and multi-factor authentication utilizing patented software-based grids to convert static passwords/PINs into device-less one-time passwords/PINs (OTPs). SyferLock is market validated with a growing customer list, serving organizations worldwide in a number of markets including Utilities/Energy, Healthcare, Pharmaceuticals, Financial Services, Government and Media/Entertainment. On the Web: www.syferlock.com.
A Layered Approach to Web & Application Security
Application delivery controllers can serve as a first line of defense against common Web & application security exploits such as denial of service (DoS) and malformed URL attacks, as well as unauthorized access. In addition, the Array’s deep application data inspection capabilities can protect against attacks such as cross-site scripting and SQL injection.
Array APV Series application delivery controllers offer a comprehensive suite of Web application security capabilities to protect against a wide variety of malicious attacks. WebWall® protects against DoS attacks as well as malformed URL attacks, and allows Layer 2 through Layer 7 protection policies to be stacked for increased security.
Further, APV appliances are security hardened to protect against L4 and L7 DDoS attacks, and support content filtering to guard against Web and application security risks such as Syn-flood, tear drop, ping-of-death, Nimda, Smurf and others. Array ADCs feature extensive access control lists, network address translation (NAT), and stateful packet flow inspection to protect against attacks and unauthorized access. Because Array’s Web and application security capabilities are executed at the system level, performance and scalability are guaranteed.
Comprehensive suite of Web & application security capabilities including DDoS protection, WebWall application security suite, NAT, and stateful packet flow inspection protects Web sites and applications against malicious attacks and illicit access without impacting performance and scalability.
Streamlined Certificate Management
Only one certificate for SSL-enabled DNS is required per APV appliance, streamlining server SSL management. Concurrent validation of hundreds of thousands of SSL client certificates for authentication and authorization preserves throughput and application performance.
Proprietary Array SSL stack is immune to common OpenSSL weak points, guarding service traffic.
Integrated Web Application Security
WebWall, Array’s suite of integrated stateful packet-inspection firewall capabilities, provide deep application data inspection (beyond just IP and TCP headers) to defend against attacks such as SQL injection and cross-site scripting. Based on Array's hardened OS, WebWall features tamper-proof key and certificate protection, and can process over a thousand ACL rules without performance degradation.
Purpose-Built, High-Performance SSL
Unlike solutions that utilize OpenSSL to provide SSL offload capabilities, Array ADCs utilize a purpose-built SSL stack to process SSL, TLS and DTLS. In addition to providing superior performance and scalability as compared to open source solutions, Array’s purpose-built SSL implementation significantly reduces exposure to security vulnerabilities such as the recent Heartbleed bug. Using Array’s purpose-built SSL stack, businesses do not need to purchase and install SSL certificates for every server in the data center; one certificate representing an SSL enabled DNS may be installed on the Array ADC to greatly reduce the cost of certificates and annual renewals. Moreover, Array appliances support up to 256 unique SSL enabled DNS names on a single system, making them scalable platforms for deploying cloud and managed service offerings.
SSL Certificate Management
Array ADCs can concurrently validate hundreds of thousands of SSL client certificates to perform authentication and authorization on behalf of applications. Array appliances can extract any SSL client certificate field, including custom fields, and pass the information to applications via HTTP headers, URLs and cookies for enhanced access control. Array appliances are also fluent in a range of cipher suites and certificate formats and allow administrators to set precedence for custom cipher suites. In addition, the high-performance Array CRL module can concurrently revoke millions of client certificates for validity without impacting system or application performance.
In addition, Array’s hardware SSL module eliminates the need to purchase and install SSL certificates for every server in the data center; one certificate representing an SSL enabled DNS can be installed on the APV appliance to greatly reduce the cost of certificates and annual renewals. APV appliances also support up to 256 unique SSL enabled DNS names on a single system, making them scalable platforms for deploying cloud and managed service offerings.