SUPERCOMM, Atlanta, June 5, 2000 ? CoSine Communications, the leading
provider of managed, network-based IP service delivery platforms for Business IP
Service Providers, today announced enhanced security configuration and
management capabilities to its InGage? Customer Network Management system.
InGage was the first network-based application that allowed enterprise IT managers
to monitor and manage IP network services delivered by a Service Provider (SP)
through CoSine's IP Service Delivery Platform. Now, with InGage Version 2.0, these
Business IP Service Providers can offer customers added control and security by
allowing them to configure their firewall services in addition to providing the ability to
monitor their individual Virtual Private Network (VPN) services.
InGage is a customer-side network management application that controls network
services delivered from a SP via the CoSine IP Service Delivery Platform. Subscribers
use a Web browser to establish a secure link to an InGage Web site maintained by
their SP, where they can monitor network status and provision settings of Network
Associates' Gauntlet© firewalls. By allowing users to adjust network security services
immediately and at any time without truck rolls, InGage lowers SPs' costs while
improving customer trust and satisfaction.
"InGage now makes it easier for service providers to realize the revenue potential of
value-added services such as VPNs," said Benjamin Niu, senior product manager at
Cosine. "End users want the same level of control over their network security when
they outsource these services as they do when they run an in-house network. Now
they can have that kind of control with InGage while offloading frustrating
management hassles."
"Customer trust and security is a primary factor in realizing the projected growth of
the managed VPN services market," said Ron Westfall, senior analyst at Current
Analysis (Sterling, VA). "By enhancing end-user firewall monitoring and configuration
features for InGage, CoSine is directly addressing the trust issue and eliminating it as
a barrier to market growth. These features are another example of CoSine's
commitment to providing secure VPNs and the control customers desire."
Enhancing Customer Security and Control
InGage's new features give enterprise IT managers more confidence when allowing
SPs to manage their network-based Gauntlet firewalls. InGage offers users the same
control over their firewall configurations that they would have with Customer
Premises Equipment (CPE), but without the installation, maintenance and repair
problems.
Using InGage, customers can monitor and configure access for all VPN sites on the
SP's public IP network from their desktop. All connections to the InGage Web server
require a user name and password (digital certificates are also supported for added
authentication). Once the customer's IT manager enters user name and password
information, InGage presents complete information about that customer's network
status, configuration and security settings. The IT manager can then change any of
the security settings immediately without having to submit a request to the SP.
With InGage, enterprise IT managers can immediately respond to security threats.
Using a simple point-and-click Graphical User Interface (GUI), enterprise IT staff can
configure individual VPN sites as well as set access privileges for other IT staff
members or VPN users. A complete set of router policy and packet filtering options
allows corporate IT managers to protect any VPN site, from branch offices to remote
home users. For example, individual employees can be immediately denied access
upon termination through a change in a VPN's source or destination addresses. An SP
customer might want to filter out all PUT commands sent to its FTP servers so that it
can serve up end-user documentation while blocking new files from unauthorized
sources. Business users might filter out cookies being delivered from HTTP servers or
block downloads of ActiveX programs to prevent other problems.
Monitoring and Configuration Features
InGage makes network-based VPNs manageable for the SP customers by offering
complete monitoring and control. The enterprises can view a list of VPN sites and see
each site's connect status, link speed, external gateway information, encapsulation
protocol, and virtual tunnel settings and performance. With access to this
information, users can easily identify potential security or performance problems,
such as having too many virtual tunnels into a secure server farm, and can use
InGage to change tunnel assignments or settings.
InGage supports Network Associates' Adaptive Proxy technology, which enables
users to set up specific access rules for permitting or preventing certain types of
traffic. Customers can enable or disable proxies, add or change router policies to
allow or deny access to certain sites or to accept certain commands and reject
others, and adjust packet-filtering options by source address pair or port pair.
InGage offers four default policies for each proxy, and users can view or change
these as needed, making it easy to establish new VPN sites quickly.
Adding Service Provider Flexibility
SPs can set up InGage to meet any customer's security and configuration needs.
InGage allows providers to set access privileges on a per-customer basis. For
example, SPs who wholesale network services to other SPs or highly competent
corporate IT organizations can grant full access to them, while SPs who sell to small
businesses might block InGage access completely.
SPs can set two classes of access privileges for customers, one for enterprise
administrators and another for enterprise users. The administrator class offers access
to all firewall and VPN settings by default, while the enterprise user class allows
administrators to limit access for other IT staffers to a subset of VPN sites or
configuration options. This way, IT technicians in specific geographic areas can be
allowed only to view or change settings for sites within their areas. Within classes,
InGage supports different privileges. For example, some InGage users might be
allowed to view their VPN or change configuration settings of their VPN services,
such as firewalls and network address translation, while other users might only be
allowed to view these settings.
About CoSine Communications Inc.
Founded in 1998 and based in Redwood City, Calif., CoSine Communications develops,
markets and sells managed IP service delivery platforms designed for Business IP
Service Providers who risk losing profitability with today's low-value Internet access
services. The CoSine solution enables Next Gen Telcos, Competitive IXCs,
International Service Providers and PTTs to quickly and reliably turn up value-added
services to their wholesale and retail subscribers. |
