Pushing Policies at Hotspots

By Eric Griffith

February 10, 2004

While enforcement of network security polices is growing to be the norm on enterprise networks, it hasn't been the case for remote and mobile workers. Until now.

While enforcement of network security polices is growing to be the norm on enterprise networks, even on wireless LANs, it hasn't been the case for remote and mobile workers. That might be about to change.

Hotspot aggregator GRIC Communications , which makes deals with network providers to get access for its corporate customers, is now offering a managed solution they call Total Security Protection (TSP). The plan is to make sure that the end-users of their service are connecting as securely as possible when accessing their corporate networks from remote locations.

"Internet-based remote access -- enterprises have concerns about it," says Rob Fuggetta, senior vice president of worldwide marketing at GRIC. "The Internet is not inherently secure, but access methods for using it -- like Wi-Fi -- have a lot of advantages. They have ubiquity and low cost."

Such advantages mean mobile workers will not be giving up the access they can get using hotspots (or hotel-room Ethernet or even dial-up connections) any time soon. GRIC says the TSP policy enforcement will make sure that anyone using such a remote connection has the latest updates and IT administration-specified equipment before they can connect to the network. Those policies could include anything from the latest anti-virus definitions to a working firewall to an active virtual private network (VPN) connection.

"We want to provide enterprises with total security from the remote endpoint all the way to the edge of the corporate network," says Fuggetta.

TSP is built not only into the GRIC Mobile Office client software, but also its Teleworker software for relatively stationary telecommuters, and its appliances for branch offices.

To further bolster their security, GRIC has entered a deal with Sygate Technologies, which makes endpoint security products, to integrate the centrally-managed TSP with Sygate equipment. However, Fuggetta points out that TSP works with other equipment and in fact supports technology from a number of other vendors. "We have a mix and match approach, so enterprises can choose what works for them."

GRIC's TSP does full policy enforcement and pushes policies to remote users. Thus it might, for example, send and install a new Microsoft Windows security update before allowing full access to corporate servers.

Main competitor iPass announced an Endpoint Policy Managment service late last year.

Because mobile workers can and do change venues multiple times, even in a single day if going from hotspot to hotspot, TSP checks for policies on the remote end with every new authentication.

Cost of TSP will be over and above the usual cost to use GRIC service, with some specific components at $5 per user per month, or the entire package for $10 per user per month. Fuggetta likens it to home phone services, where you can added incremental services like CallerID to your existing phone line.

"We believe from our conversations with enterprises, most feel they're not fully protected," says Fuggetta. "They want additional capabilities to make workers and the data on their networks more secure. Enterprises have a bewildering array of tools to choose from -- they'd like us to make this easier for them ... to be secure and productive every day."

GRIC's TierOne Network currently consists of 6,100 Wi-Fi access points around the world, with many more wired locations.

Originally published on .

Comment and Contribute
(Maximum characters: 1200). You have
characters left.