SSL Network Extender is a browser plug-in that uses the SSL transport protocol to encrypt data passing over the Internet between a remote machine and a network. SSL Network Extender is supported on Windows 2000 and XP using Internet Explorer 5.0 or better.
Just as a user on the Web downloads a Flash file to run animation on the spot, users download the Network Extender technology through a browser when they need remote access to a network, said Dean Ocampo, product marketing manager of Check Point. "It's completely on demand. Anyone can do it if they have a Web browser."
For the police departments, that makes access to JNET much simpler. Instead of setting up software on the client machine and launching it each time an officer needs to use the county's network, users just go to a Web site, said Hileman. "It automatically, right away, tells them, 'Give me user name and password.' They put it in, and they're logged [into JNET]."
Before deploying the new software for the police departments, Sprankle had one of his technicians set up an account for him so he could access two specific servers on the county network from his laptop at home.
"It seemed pretty secure," he said. "Whatever we give people access to, that is really the only device they can access."
Additional Steps Needed
The Web-based solution doesn't come with as many built-in safeguards as the client-based VPN, Ocampo said. Along with encrypting data, VPN-1 provides personal firewalls and other security controls to keep malicious code from passing through to the network. SSL Network Extender simply encrypts the data.
Restricting access is one technique SSL Network Extender users employ to make sure they fully protect their networks from threats that might slip in via remote computers.
"You'll take other steps to provide security because you don't have security controls embedded in the clientless solution," he said.
For external users allowed to access only one or two servers on the network, that level of security works fine, Sprankle said. For internal staff needing remote access, VPN-1 is probably the better choice, because there are additional management capabilities.
Sprankle is thinking of offering SSL Network Extender to a new category of outside users: municipalities looking for GIS data from the county. Right now, local governments that want to use the county's GIS data call the Tax Department or the GIS Department to describe what they need. Someone in the department extracts the data and either sends it on a CD or as an e-mail attachment.
"I'm hoping to push out this remote access to municipalities, so they can just connect to a server we have out here for municipalities to access all the data they need," he said.
Demand for remote data access will continue to grow because modern technology has conditioned people to expect that capability, Sprankle said.
"Why get up and get in your car and go someplace to access information when you can easily access it from your office, your home or your school? That's just the way things are going in the IT world."