� Users will not always own or have access to corporate managed devices, and as such, must be able to securely access from any Web-enabled device. A secure remote access solution must ensure that, regardless of the end-point, security is assured and business critical resources are not jeopardized.

� Some applications are Web-enabled, others aren�t. Some users can be trusted with full network connectivity, others can�t. Today�s secure remote access solutions must be able to support any mix of Web, native, and thin client applications as well as provide for both layer three and layer seven access.

� Legacy IPSec solutions require client software and introduce significant IT administrative overhead; in addition, IPSec provides only encryption and has no provisions for enforcing access control policies. An ideal secure remote access solution will fully address these shortcomings.

� Time is money. Everyone knows applications run fast in the office; applications extended over the WAN are a different story. Secure remote access solutions that introduce zero latency, include application acceleration technologies, and have the capacity to support a large number of users, will go a long way towards satisfying business objectives and user demands.

---

Array Networks addresses these considerations with an SSL VPN secure remote access solution that provides an industry-leading mix of ease-of-use, ease-of-deployment, performance and scalability, multi-layer security, and broad application and device support.

1. Browser-based access. Remote access is possible regardless of the user�s location or access device; all that is needed is a common Web browser. Users enter their credentials at a designated URL, and gain access to a fully secure user interface. Host checking ensures end-point has required anti-virus software and checks to ensure the end-point does not pose a threat. Secure desktop can ensure no information may be saved or printed from remote location. Cache cleaning ensures no temporary or cached files are accidentally left behind on remote device. Authentication, authorization, and auditing, with optional two-factor authentication, ensures the right users have access to the right resources, and produces an activities audit trail as needed for compliance.

2. Integration with existing firewalls and network infrastructure is seamless. SSL VPN is transparent and requires no changes to these devices.

3. The Array SSL VPN terminates connections, decrypts and inspects traffic, and establishes a new connection to back-end servers � ensuring malicious connections are never established directly with business critical resources.

4. Users have access through a fully customizable portal interface to corporate Intranets, file shares, email, and applications as authorized. Any mix of Web, native, and thin client applications may be published to the end user; in addition, similar to IPSec, full layer three network connectivity may also be established

Site-to-Site Access

Secure site-to-site connectivity traditionally implies frame relay, leased line and IPSec deployments. While frame relay and leased line connections are very secure, they are also very expensive � hence the explosion in IPSec deployments, which leverage encryption and the ubiquity of the Internet to create cost-effective and secure multi-site virtual private networks.

For all of its advantages, IPSec retains distinct disadvantages; the most notable being that it provides only an encrypted connection. In common deployments, two or more sites must be connected to allow key applications to communicate, to provide business partners access to a select set of resources, or to allow collaboration for given business units. With IPSec, this can be achieved, but at the expense of exposing the entire network on both ends of the connection.

To address this security gap, administrators must configure extensive ACLs and security policies to ensure only authorized users access authorized resources. With IPSec, this process is time-consuming, error-prone and often disregarded � at great risk to an organization�s well being.

� Encryption plus granular access control

� Dramatically reduced administration and IT overhead

� Remote access and site-to-site connectivity on a single platform

� Run on your choice of Array and/or Linux platforms Array site-to-site

SSL VPN access solutions provide all the benefits of traditional IPSec site-to-site connectivity and go above and beyond, introducing granular access control and the ability to connect sites at the network, host, and application level.;

With site-to-site SSL VPN, organizations requiring site-to-site connectivity to enable communication between business critical applications can establish permanent connections that enable only key applications or host servers to communicate � eliminating the need for complex ACLs and eliminating unwanted network exposure and associated security risks.

At the network level, Array site-to-site SSL VPN provides all the performance and functionality of traditional IPSec connectivity, but with distinct advantages. SSL VPN network separation and NAT capability enables administrators to connect subnets within networks, such that engineering at headquarters is restricted to communicating with engineering at a remote site. No additional ACLs or security policies are required to prevent user communities from viewing or accessing resources or networks for which they are not unauthorized.

Secure Access Consolidation

An added benefit of site-to-site SSL VPN is the ability to consolidate both remote access and site-to-site access on a single platform. SSL VPN is the technology of choice for remote access, due to its clientless browser-based architecture, end-point security, and granular access control. With Array�s site-to-site SSL VPN, administrators no longer need to maintain a separate IPSec system to provide site-to-site connectivity, all secure access can be consolidated on the Array platform to increase security and dramatically reduce IT overhead.

Array and Linux Compatible

Array Networks site-to-site connectivity surpasses IPSec connectivity in more ways than one. While IPSec requires the symmetrical deployment of proprietary vendor platforms, Array site-to-site SSL VPN does not. Array site-to-site SSL VPN software maybe be run on off-the-shelf and/or purpose-built Linux platforms - leveraging existing devices to dramatically drive down both capex and opex expenditures. For example, Array site-to-site SSL VPN is ideal for creating established connections with point-of-sale (POS) Linux devices.

Founded in 2000, Array Networks is a leading provider of high-performance, secure universal access solutions. Array delivers product lines that address the rapidly growing SSL VPN market as well as the application acceleration market. More than 500 customers including enterprises, service providers, government and vertical organizations in healthcare, finance and education rely on Array to provide anytime, anywhere secure and optimized access. Array provides the world�s fastest and most scalable SSL VPN products on the market today. Array�s technology performs 8 times faster and scales 12 times higher than its nearest competitor. As a result, no other company can deliver high-performance SSL VPN solutions at a comparable cost. Array has been recognized by industry leaders including Deloitte, Red Herring, and Synergy as a market and technology leader. Array is headquartered in Milpitas, California with sales offices around the world. The company has approximately 60 resellers and VARs worldwide.