Endpoint

7/9/2009
04:30 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

NCP Rolls Out VPN Management For Linux Networks

NCP Secure Enterprise Management (SEM) System provides varied administrative access and activity log viewing for easy management of multiple VPNs

Boston—July 8, 2009—NCP engineering GmbH today announced the availability of a new version of the software-based NCP Secure Enterprise Management (SEM) System for Linux-based systems. Developed from the ground up to make hybrid IPSec / SSL networks powerful yet easy to manage, the NCP SEM System can plug-and-play with any existing network infrastructure or stand on its own as a new component. A single administrator is enabled full control over tens-of-thousands of secure connections, policy setting and enforcement, client updates, configurations and a host of other network access control (NAC) management activities from one dashboard interface.

Anyone running multiple VPNs that require individual settings, the NCP SEM System provides varied administrative access and activity log viewing for easy management. For example, a global enterprise that runs 20 different VPNs for various divisions, or an IT provider that runs 100 VPNs for clients, has the ability to manage each independently with its own administrator, and as a whole under a master administrator. All log messages are allocated to the relevant network administrator and are invisible to the others. The administrator can monitor traffic and capacity for all components of each network, all from a single PC screen. In either example, each company needs only to run one master VPN with the security and privacy benefits of 20 or 100 separate ones, but the management tasks of just one.

Further simplifying a Linux-based hybrid VPN, the NCP SEM System streamlines client updates and plug-in management. All centrally managed from a single administrator or as a routine, automated process, configuration and software updates can be carried out via a LAN connection—without requiring a VPN tunnel. In addition, update rule-sets can be enacted based on the type of network connection a device is currently connected to, avoiding 'bandwidth hogging' and pricey wireless data consumption fees. The NCP SEM System can also 'pat down' each device upon attempting to establish a VPN connection to identify if any third-party security software is missing or out of date. The end-device user will then be prompted to take appropriate action.

The SEM System is compatible with the SUSE, RedHat and Debian Linux systems. Complete technical specifications and features are available on the company's Web site at http://tinyurl.com/dg6y2j.

For additional information about NCP, please visit the company's blog, VPN Haus or follow it on Twitter at @vpnhaus.

About NCP engineering GmbH Headquartered in Nuremberg, Germany, NCP engineering helps IT network managers secure data transmission in public networks and across the Internet. Organizations that employ remote access, mobile computing, teleworking and e-commerce throughout the world rely on NCP for key secure communications technology including Remote Access, IP-Routing, VPN and Firewall solutions, Identity and Access Management (IAM) and Network Access Control (NAC). The firm is devoted to avoiding vendor-lock for customers through regular compatibility testing and full integration with PKI-Infrastructures, as well as support for two-factor authentication on end-devices. NCP serves North American customers through a network of technology, reseller and VAR, and OEM partners, including WatchGuard and Astaro.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Tips for the Aftermath of a Cyberattack
Kelly Sheridan, Staff Editor, Dark Reading,  4/17/2019
Former Student Admits to USB Killer Attack
Dark Reading Staff 4/18/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-11332
PUBLISHED: 2019-04-18
MKCMS 5.0 allows remote attackers to take over arbitrary user accounts by posting a username and e-mail address to ucenter/repass.php, which triggers e-mail transmission with the password, as demonstrated by 123456.
CVE-2019-9161
PUBLISHED: 2019-04-18
WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and earlier has a Remote Code Execution issue allowing remote attackers to achieve full access to the system, because shell metacharacters in the nginx_webconsole.php Cookie header can be used to read an etc/config/wac/wns_cfg_admin_detail.x...
CVE-2019-11015
PUBLISHED: 2019-04-18
A vulnerability was found in the MIUI OS version 10.1.3.0 that allows a physically proximate attacker to bypass Lockscreen based authentication via the Wallpaper Carousel application to obtain sensitive Clipboard data and the user's stored credentials (partially). This occurs because of paste access...
CVE-2019-11331
PUBLISHED: 2019-04-18
Network Time Protocol (NTP), as specified in RFC 5905, uses port 123 even for modes where a fixed port number is not required, which makes it easier for remote attackers to conduct off-path attacks.
CVE-2019-9160
PUBLISHED: 2019-04-18
WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and earlier has a backdoor account allowing a remote attacker to login to the system via SSH (on TCP port 22345) and escalate to root (because the password for root is the WebUI admin password concatenated with a static string).