Disable kiosk mode

12

Specify multiple ports and port ranges for network resources

12

Voice over IP softphone support

12

Editable HOSTS file

12

NTLM authentication and authorization support. ...................................................................... 13

Added challenge-response to RADIUS user authentication

13

SafeWord PremierAccess changed to support standards-based RADIUS token user

 

authentication

13

Updated serial console menu

13

Features

13

Administration Tool

13

Firebox SSL VPN Gateway Settings

14

Feature Summary

16

The User Experience

16

Deployment and Administration

17

Planning your deployment

18

Deploying the Firebox SSL VPN Gateway in the Network DMZ

18

Deploying the Firebox SSL VPN Gateway in a Secure Network

18

Planning for Security with the Firebox SSL VPN Gateway

19

Configuring Secure Certificate Management

19

Authentication Support

19

Deploying Additional Appliances for Load Balancing and Failover

20

Installing the Firebox SSL VPN Gateway for the First Time

20

Getting Ready to Install the Firebox SSL VPN Gateway

20

Setting Up the Firebox SSL VPN Gateway Hardware

21

Configuring TCP/IP Settings for the Firebox SSL VPN Gateway

21

Redirecting Connections on Port 80 to a Secure Port

24

Using the Firebox SSL VPN Gateway

24

The Firebox SSL VPN Gateway operates as follows:

24

Starting the Secure Access Client

25

Enabling Single Sign-On Operation for the Secure Access Client

25

Establishing the Secure Tunnel

26

Tunneling Destination Private Address Traffic over SSL or TLS

26

Operation through Firewalls and Proxies

26

Terminating the Secure Tunnel and Returning Packets to the Client

27

Using Kiosk Mode

28

Connecting to a Server Load Balancer

28

CHAPTER 3 Configuring Basic Settings

31

Firebox SSL VPN Gateway Administration Desktop

32

To open the Administration Portal and Administrative Desktop

32

Using the Administration Portal

32

Downloads Tab

32

Admin Users Tab

33

Logging Tab

33

Maintenance Tab

33

iv

WatchGuard SSL VPN Gateway

Page 4
Image 4
WatchGuard Technologies manual Planning for Security with the Firebox SSL VPN Gateway

SSL VPN specifications

WatchGuard Technologies offers a robust SSL VPN solution designed for secure remote access to corporate networks. As businesses increasingly rely on a remote workforce, the need for secure and reliable connectivity has never been more critical. WatchGuard's SSL VPN features advanced security technologies that ensure data integrity and confidentiality while enabling seamless access to applications and resources.

One of the standout features of WatchGuard's SSL VPN is its user-friendly interface. The solution is designed to simplify the user experience, enabling employees to connect to the VPN with minimal complexity. With a straightforward setup process, users can quickly establish secure connections from various devices, including laptops, smartphones, and tablets. This flexibility supports a diverse workforce, allowing employees to work from different locations without compromising security.

In addition to its ease of use, WatchGuard's SSL VPN is built on robust security technologies. It employs end-to-end encryption to safeguard data in transit, ensuring that only authorized users can access sensitive information. By utilizing SSL (Secure Sockets Layer) protocols, the VPN creates a secure tunnel between the user’s device and the corporate network, protecting against potential threats such as eavesdropping or man-in-the-middle attacks.

Moreover, WatchGuard Technologies includes multiple authentication options, adding another layer of security. The solution supports multi-factor authentication (MFA), requiring users to provide additional verification beyond just a password. This could involve mobile device verification or biometric authentication, significantly reducing the risk of unauthorized access.

Another key characteristic of WatchGuard’s SSL VPN is its integration with other WatchGuard security solutions. Businesses can benefit from a comprehensive security posture by leveraging firewalls and intrusion prevention systems along with the SSL VPN. This holistic approach ensures that remote connections are continually monitored and secured against evolving cyber threats.

Scalability is also a crucial aspect of WatchGuard's SSL VPN, accommodating growing organizations with changing needs. The solution can easily scale to support an increasing number of remote users without compromising performance. With robust performance metrics, businesses can ensure that even during peak usage times, the VPN remains responsive and reliable.

In summary, WatchGuard Technologies' SSL VPN solution combines ease of use, robust security, flexible authentication, and scalability. These features make it an ideal choice for organizations seeking to provide secure remote access to their employees while maintaining a strong defense against cyber threats. With WatchGuard, businesses can confidently navigate the challenges of a digital landscape, ensuring their network remains secure as they embrace remote work.