March 01, 2006
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Innovative support for mobile devices.
- Weaknesses: Presentation might be better.
- Verdict: Particularly interesting from a remote user perspective.
PortWise’s basic tenet is to protect remote access to organisational assets via a combination of both user and device authorisation.
This principle acknowledges that users may be connecting to the host network via a variety of remote devices, including all sorts of mobile or third-party devices.
So the first step in accepting such a connection is to assess the device being used and its relevant state of security. In extreme cases, devices considered as being non-compliant may be refused entry.
Having ascertained the use of a suitable device, the user will then be authorised via either single or two-factor authentication – maybe using the connecting device itself as a token. For example, if you use a mobile phone to connect, then a one-time password may be sent to the phone to be used as part of the authentication process.
Support for BlackBerry is also provided in this context – an interesting approach as this is clearly a popular corporate tool. Similarly, wireless connection of clients via wireless access points is catered for.
Authorisation is granted or not according to in-place rules and, if all is well, the session takes place over an SSL connection. The user is then presented with a web based “application portal” from which they can choose which applications to access. This is also an interesting approach because it means a wide variety of devices can be used to access the network and run applications, without the need for specific software at the remote device.
The application portal can be customised to offer the user an appropriate set of applications according to defined access rules. At the back end, the architecture is based around the provision of interlinked services such as policy, authentication and administration.
Like many such products, its effectiveness will partly depend on the effort put into deploying it, including planning, configuration and the definition of rules. With a little imagination, however, one can foresee some interesting possibilities here – it’s clear a lot of thought has gone into the product itself.
The CD-Rom supplied for review included an impressive set of documentation in PDF format, including a nice tech note on performance optimisation, although one would always prefer a proper set of ring bound manuals. This is an interesting product that will no doubt prove extremely valuable for certain user infrastructures.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- ICYMI: CEO Sacked; MS Zero-day; Passwords dropped; Ransomware wild, charging hack
- 9.2 million medical records for sale on darkweb
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry