The SRA Platform SRA NetExtender Technology
The beauty of SSL VPN is that it is Web-based and does not require administrators to preinstall a fat client on each remote workstation. This allows for a much greater level of flexibility and a much broader level of access. Using a standard Web browser, remote users launch a personalized Web portal for access to email, files, applications, and internal Web sites (intranet). However, there are some applications where a fat client may bring some advantages. IPSec may be especially useful in areas where the IT administrator tightly controls and manages only a small number of remote workstations. The advantage of the fat client VPN system is that administrators can allow users to have a greater level of access. Now, users can have the best of both worlds with Dell™ SonicWALL™ NetExtender thin client technology.
How it works.
NetExtender adds more power to the Dell™ SonicWALL™ Secure Remote Access (SRA) 4600 and 1600, adding capabilities such as seamless and secure access to any resource on the corporate network, including servers or custom applications.
NetExtender is not a fat client. It pushes a thin client transparently onto the client's desktop or laptop and installs it automatically to facilitate this broader level of access. It assigns remote users an IP address from a preset pool of IP addresses, enabling them to access any TCP/IP-based resource on the corporate network, including a wide variety of legacy applications and services. Remote users gain Layer-3 level access to the protected internal network.
The user experience is similar to that of a traditional IPSec VPN client, except that manual client installation is not required. In addition, the users do not have to worry about Network Address Translation (NAT) devices and proxies, which are the bane of traditional IPSec-based VPNs.
NetExtender creates a virtual adapter for secure point-to-point access to any allowed host or subnet on the internal network. Unlike the stateless nature of the traditional SSL VPN, NetExtender stays resident on the client machine even after the connection is closed. The advantage of running NetExtender as a resident application on the remote system is that it speeds up login times in subsequent uses. Of course, if a remote user chooses to deploy the standalone NetExtender client on their remote machine, but then must log in from a separate machine later, he or she can still access with no problems at all.
Users may also access NetExtender easily in the traditional way through the browser portal from any machine. If desired however, it is possible to select the Uninstall on browser exit option to have NetExtender remove itself after the session ends.
With NetExtender technology, remote users will gain: Access to email through native clients residing on the user's laptop, such as Microsoft® Outlook or Lotus® Notes Access to commercial or proprietary applications and flexible network access.
By deploying the Dell SonicWALL NetExtender, along with Enforced Client Anti-Virus and Anti-Spyware, on the remote workstations, administrators can enforce a policy that requires every remote workstation that accesses the network to have current versions of anti-virus and anti-spyware software up and running. In addition, multiple NetExtender IP range and route support permit the administrator to impose granular access control policies by assigning specific IP addresses or ranges of IP addresses, and specific routes to individual users or groups. This feature also helps to provide control that is more granular over who can access which network resources through NetExtender.
Dell SonicWALL Secure Remote Access (SRA) provides a high level of security on its own. Besides the encryption that is inherent to the SSL model, the personalized Dell SonicWALL Web portal enforces a high level of granularity for each user that the administrator controls. The SRA Series appliance grants remote users access only to authorized areas through the portal. NetExtender also provides enhanced security benefits. With NetExtender, you can force all client traffic through the SSL VPN tunnel, and apply all security services that are running on your primary Dell SonicWALL Network Security Appliance (NSA) or TZ firewall—including enforcement of the Dell SonicWALL host-based anti-virus solution.
Not protocol specific.
While the application proxies support specific protocols such as FTP, HTTP, RDP or VNC, NetExtender is not protocol specific. Rather, it can support any TCP/IP-based application that is running on the local client. Besides extended access, this also means that communications are bidirectional. In other words, the remote client can initiate communications with a host on the internal network, and the reverse is also true—hosts on the internal network can also initiate communications with the remote PC. This functionality is particularly useful for management and administration of remote PCs.
NetExtender platform versatility.
Available as a standalone application for all SRA Series appliances, the NetExtender client may can be launched through the Virtual Office web portal, or as a native application on Windows®, Mac OS® and Linux® PCs and laptops, to access any authorized resource on the corporate network.
NetExtender utilizes a standard interface across all SSL VPN clients, creating a unified look and feel. Support for multiple platforms provides users with greater flexibility to access remote resources from various endpoints. Initial distribution of NetExtender is either through the Virtual Office portal or via a standalone installer.
After initial distribution, users can launch NetExtender independently as a standard application. The NetExtender client supports domain login scripts, and implements a custom dialer that allows launch from the Windows Network Connections menu.
SonicWALL® Mobile Connect™, a single unified client app for Apple® iOS and Google® Android™, provides smartphone and tablet users superior network-level access to corporate and academic resources over encrypted SSL VPN connections.