Endpoint

7/9/2009
04:30 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

NCP Rolls Out VPN Management For Linux Networks

NCP Secure Enterprise Management (SEM) System provides varied administrative access and activity log viewing for easy management of multiple VPNs

Boston—July 8, 2009—NCP engineering GmbH today announced the availability of a new version of the software-based NCP Secure Enterprise Management (SEM) System for Linux-based systems. Developed from the ground up to make hybrid IPSec / SSL networks powerful yet easy to manage, the NCP SEM System can plug-and-play with any existing network infrastructure or stand on its own as a new component. A single administrator is enabled full control over tens-of-thousands of secure connections, policy setting and enforcement, client updates, configurations and a host of other network access control (NAC) management activities from one dashboard interface.

Anyone running multiple VPNs that require individual settings, the NCP SEM System provides varied administrative access and activity log viewing for easy management. For example, a global enterprise that runs 20 different VPNs for various divisions, or an IT provider that runs 100 VPNs for clients, has the ability to manage each independently with its own administrator, and as a whole under a master administrator. All log messages are allocated to the relevant network administrator and are invisible to the others. The administrator can monitor traffic and capacity for all components of each network, all from a single PC screen. In either example, each company needs only to run one master VPN with the security and privacy benefits of 20 or 100 separate ones, but the management tasks of just one.

Further simplifying a Linux-based hybrid VPN, the NCP SEM System streamlines client updates and plug-in management. All centrally managed from a single administrator or as a routine, automated process, configuration and software updates can be carried out via a LAN connection—without requiring a VPN tunnel. In addition, update rule-sets can be enacted based on the type of network connection a device is currently connected to, avoiding 'bandwidth hogging' and pricey wireless data consumption fees. The NCP SEM System can also 'pat down' each device upon attempting to establish a VPN connection to identify if any third-party security software is missing or out of date. The end-device user will then be prompted to take appropriate action.

The SEM System is compatible with the SUSE, RedHat and Debian Linux systems. Complete technical specifications and features are available on the company's Web site at http://tinyurl.com/dg6y2j.

For additional information about NCP, please visit the company's blog, VPN Haus or follow it on Twitter at @vpnhaus.

About NCP engineering GmbH Headquartered in Nuremberg, Germany, NCP engineering helps IT network managers secure data transmission in public networks and across the Internet. Organizations that employ remote access, mobile computing, teleworking and e-commerce throughout the world rely on NCP for key secure communications technology including Remote Access, IP-Routing, VPN and Firewall solutions, Identity and Access Management (IAM) and Network Access Control (NAC). The firm is devoted to avoiding vendor-lock for customers through regular compatibility testing and full integration with PKI-Infrastructures, as well as support for two-factor authentication on end-devices. NCP serves North American customers through a network of technology, reseller and VAR, and OEM partners, including WatchGuard and Astaro.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How the US Chooses Which Zero-Day Vulnerabilities to Stockpile
Ricardo Arroyo, Senior Technical Product Manager, Watchguard Technologies,  1/16/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
The Year in Security 2018
This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-3906
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 contains hardcoded credentials in the WCF service on port 9003. An authenticated remote attacker can use these credentials to access the badge system database and modify its contents.
CVE-2019-3907
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 stores user credentials and other sensitive information with a known weak encryption method (MD5 hash of a salt and password).
CVE-2019-3908
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 stores backup files as encrypted zip files. The password to the zip is hard-coded and unchangeable. An attacker with access to these backups can decrypt them and obtain sensitive data.
CVE-2019-3909
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 database uses default credentials. Users are unable to change the credentials without vendor intervention.
CVE-2019-3910
PUBLISHED: 2019-01-18
Crestron AM-100 before firmware version 1.6.0.2 contains an authentication bypass in the web interface's return.cgi script. Unauthenticated remote users can use the bypass to access some administrator functionality such as configuring update sources and rebooting the device.