Protecting devices that spend time "in the wild" outside the corporate firewall can go a long way toward securing all of your IT assets. iPass integrates a number of technologies into its platform to help protect remote and mobile devices.
Pre-connect Security Checks
Protecting remote and mobile devices starts with ensuring that personal firewalls and anti-virus software are always up and running before allowing Internet access. The iPassConnect™ mobility manager can check that these security applications are running and automatically launch them if they're not.
Pre-connect Assessment and Remediation
Out-of-date remote and mobile devices pose a security risk. Another way to protect end-user devices is by assessing the device for anti-virus and OS patch levels as part of the connection process before exposing the device to the Internet and corporate network. To do this, iPass has integrated its client technologies with device management services that perform the following steps for every Internet connection, whether or not they occur over an iPass network.
Lockdown. Upon system boot, the iPass device locking agent automatically restricts user Internet access solely to specific trusted servers, isolating remote and mobile PCs from malware.
Assess. iPass servers inventory end-user PCs for rogue applications, out-of-date security software, such as anti-virus definition files and anti-spyware updates, and missing Windows OS patches. The scanning engine can determine which machines are missing any given Microsoft patch.
Remediate. The Device Management service automatically downloads, installs and launches needed updates over the Internet via SSL tunnels and trusted servers.
Unlock. Once the PC is deemed healthy (up to date) and anti-virus software, personal firewalls and VPNs are running, the iPass device locking agent automatically permits full Internet access and (if so configured) auto-launches the user's VPN.
Maintaining Secure Connections
The iPassConnect mobility manager can be configured to automatically tear-down the Internet connection if the users VPN session terminates.
Device Fingerprinting Technology
Ensuring only corporate-authorized devices gain network access via VPN goes a long way toward protecting a company's entire infrastructure. Device fingerprinting technology from iPass does just this. It works by gathering unique identifying numbers from select hardware components within each device. After that, every time a device attempts to connect, the technology verifies its "digital fingerprint" before setting up a VPN and granting access.
