MCI strengthens secure remote access

MCI is to partner with Aventail to deliver clientless Secure Sockets Layer virtual private network technology, and will introduce...

MCI is to partner with Aventail to deliver clientless Secure Sockets Layer virtual private network technology, and will introduce new features to its Remote Access suite of services, including technology to detect online fraud and scramble user passwords sent over its global network.

SSL VPNs are an increasingly popular technology for providing remote users with access to network resources such as e-mail, software applications and network file servers.

As opposed to VPNs that use secure Internet Protocol, clientless SSL VPNs do not need a separate software application to run on the remote user's machine. They also rely on the SSL protocol, which is a part of most common web servers and web browsers and widely used to secure e-commerce transactions. 

MCI's managed remote VPN service will allow customers to connect to corporate networks from any internet connection using any computer with a web browser, MCI said.

The new service will be integrated with MCI's desktop remote access platform, called Access Manager, and its administrative platform for Remote Access Service called Enterprise Services Management. That integration will make it simpler for administrators to manage user passwords and access policies, the company said.

MCI is also building security into Remote Access network services. The Remote Access program provides a range of security services and support for companies with employees who need to access corporate networks through wireless, DSL or Ethernet connections.

In May, the company will begin offering anti-fraud protection for Remote Access customers. The new features use patented anti-fraud technology called "MCI Sheriff" to spot fraudulent traffic generated when a user's account is hijacked by an unauthorised user.

MCI will also add support for Extensible Authentication Protocol (EAP) to Remote Access later this year.

EAP is an authentication protocol designed to insure interoperability and compatibility between different user authentication systems. Support of EAP on MCI's global IP network will provide stronger authentication for user passwords and other data sent over that network, MCI said.

Paul Roberts writes for IDG News Service

Read more on IT strategy