|
|
|
|
|
|
 
|
| Provider
|
|
VPN Client Installation
|
Log & Report Interface(s)
|
|
Additional Comments
|
| Allegiance Telecom |
PGP-encrypted e-mail requests from customer are configured into policy, then installed | User downloads and installs package from CheckPoint | Logs via CheckPoint GUI or ASCII files, reports are HTML |
Yes |
Available with Managed Firewall only; built-into that standard service. Can support VoIP traffic. |
| Requests made by designated CPOC; in some cases, may be able to self-provision or submit a request electronically |
SW distributed via disk, CD, or download, often partially pre-configured to ease installation Updates automatically downloaded |
Standard and custom, varies by service and contractual commitments, ranges from summary usage to user-level detail reports |
Yes |
Access-link independent for CPE-based services. NW-based service can support VoIP traffic. Includes end-user helpdesk. Add-ons include managed authentication, 800# dial-up, other security services, disaster recovery / high-availability. |
|
| Aventail Corporation |
Config files and access control updated by CSA or NOC | Browser or downloadable executable with auto update | SYSLOG, WE3, SOCKS | Yes | SA-9000 includes load balancing—credentials shared across cluster for failover without re-authentication. Roaming via iPass. User Management delivers pre-built managed systems that simplify large-scale admin. Help Desk-to-Help Desk (Tier 2) support. Clientless access to Web, client/server and legacy applications, traverses any firewall. |
| Bangalore Labs |
Using secure VPN channel, customer requests change via Portal or e-mail, SP identifies need for update, manager validates and approves, notifications sent on approval, after change & periodic reports |
Customer responsible for installing their own client SW based on specific VPN device | Secure customized Web portal |
Yes | Available alone and as Firewall add-on. Includes 24/7 availability & performance monitoring, change management, backup/restore, periodic reporting. |
| Cable & Wireless |
Work with Customer to schedule a joint timeline | SP provisions VPN device but does not install SW on customer PCs | Secure Web interface |
Yes | Available alone and as Firewall add-on. Can support VoIP traffic. Uses CBAC IOS HSRP. |
| ClearPath Networks |
Service is NW based; rules and IP tables are updated by either customer or ClearPath in centrally accessible tables |
iVPN Remote Client may be e-mailed to users or made available on CD | iNOC access provides remote account monitoring; iView optional upgrade for real-time Network Reporting tool (utilization, latency, delivery) |
Yes | Customers can overlay iVPN on existing access footprint or repoint site PVCs to ClearPath regional POPs. Can change Voice or Video bandwidth assignments "real-time" to provide self-management for all QoS sensitive applications. Other managed services and proactive notification add-ons. Install takes 4-6 weeks depending on access links (overlay customers may be within 5 days) |
| Expertcity Inc. |
Using GoToMyPC Administration Center Web GUI, admins can manage accounts in real time, control users' feature-access rights, with dynamic distribution | No permanently-installed client SW; uses Web browser and per-session automatic download from website | Usage reports via GoToMyPC Administration Center Web GUI | No | Enables secure browser-based access to any Internet-connected Windows PC. Pre-configured with user-activated security controls, including dual passwords and 128-bit end-to-end user authentication. ASP model minimizes IT dept. installation, training, and support. |
| Genuity Managed Services |
Updated by Level3/Genuity SITE PATROL: Policy specified by enterprise, centrally managed via CheckPoint Provider-1 VPNA: Authenticated Web Server (AWS) lets customers administer user accounts, update certificates and client software |
Customer manages software installation process | SITE PATROL: Reports by secure e-mail, security logs by ticket request VPNA: AWS lets customers generate reports VBOS: Access logs available upon request |
Yes |
SITE PATROL available alone or as a firewall service option. VPNA and VBOS are standalone services. All can support VoIP traffic. SITE PATROL and VPNA Options: Managed PKI, high availability, NAT support, hardware acceleration, Extranet tunnel support, and more. |
| Guardent |
Requests are authenticated and then deployed in accordance with client's change management process | SP provides support to client's internal IT department, which then manages distribution & installation of client software to end-users | Reporting via Secure Portal |
Yes |
Available as firewall option only. Can support VoIP traffic. SecurID authentication is an add-on. |
| Interliant, Inc. |
Customer requests by e-mail are verified with customer via call back using pre-defined authorized contact information |
SP provides pre-configured VPN client to customer contact(s) via the most convenient method for customer | Logs via secure FTP |
Yes | Available alone or as Firewall option. Can support VoIP traffic via custom consulting engagement. High availability Fail-over option. |
| Internet Security Systems |
Gold customers can request unlimited policy changes; Silver customers get 2 free requests per mo. | Downloaded from Customer Portal | Customer Portal | No | Available as Firewall option only. Can support VoIP traffic. |
| LURHQ Corporation |
As dictated by the client |
N/A | Secure, Web-based Sherlock Enterprise Security Portal |
Yes | Available as Firewall option only. Customer must purchase access link from SP. Can support VoIP traffic. |
| Provider
|
|
VPN Client Installation
|
Log & Report Interface(s)
|
|
Additional Comments
|
| MegaPath Networks |
Request made to SP's VPN team, SP analyzes and discusses with customer, then implements as best suited for customer needs, can be updated remotely |
VPN Team contacts end user to download VPN client from FTP server; technician then goes through a step-by-step process with end user to install and configure | Logs to become available 2H03 |
Yes |
Customer usually purchases VPN and access links from SP. In cases where customer does not purchase access link from SP, SP installs NetScreen 5XP at each location. VoIP traffic supported. Dedicated VPN Team offers 24x7 support. Proactive monitoring will be available 2H03. |
| NetSolve, Inc. |
Submitted via Web Portal or contacting assigned security engineer; no extra charge for emergency change requests |
N/A | Secure Web Portal provides access to all security reports and raw data |
Yes | Cisco V3VPN technology supports VoIP. IDS, Internet Router, managed WAN, LAN or IP telephony add-ons. Fixed fee per VPN device includes all change requests, custom signature development, configuration archiving, firewall policy changes, OS upgrades, etc. |
| PresiNET Systems |
Change requests are authenticated
in person— |
Customer installs own VPN client of choice | Real-time reporting via Secure Web interface and PDF |
Yes |
VPN is part of Internet Security Management services package. Managed PKI/Certificate Authority, VPN Traffic Management, end-user helpdesk, 800# dial-up add-ons available. Can support VoIP traffic. Data Stream Compression for better performance and throughput. NAT Traversal. |
| SBC Communications |
Policy pushed to SW or HW client from central VPN remote access concentrator maintained by SP |
SP trains customer admin to install VPN client on RA user PCs | Trend reports provided on a password protected website |
Yes | VoIP supported on VPN CPE as separate service. Other security services, hosted VPN sites, and National RA User Tier 1 help desk services can be bundled with VPN service. VPN includes project management, staging, install, monitoring, onsite maintenance, reports, single point of contact help desk and consolidated billing. Customer can purchase, lease, or provide Cisco CPE. |
| Secure Designs, Inc. |
Via e-mail or telephone requests | PPTP client included in Windows; IPsec client downloaded and installed with telephone support | Secure website |
Yes |
Available as Firewall option only. Can support VoIP traffic. End-user helpdesk add-on available. |
| SecurePipe, Inc. |
Call SP's Network Security Engineers 24/7 to request VPN policy changes |
SP provides SafeNet client licenses and VPN certificates for download through SecurityConsole.com | VPN certificates and other key materials are available through SecurityConsole.com |
Yes | Available as Firewall option only. Can support VoIP traffic. |
| SecureWorks |
Client submits change request, SP applies it | N/A | Quarterly Security Review and On Demand |
Yes |
Available as Firewall option only. Can support VoIP traffic. |
| Unisys Corporation |
Client-initiated secure move/add/change request |
Web-based distribution | Private secure client website |
Yes | Available as Firewall option only. Can support VoIP traffic. End-user help desk services, remote network management add-ons available. |
| Verio SafeGuard VPN.RA |
For both, change requests only accepted from designated POCs IntelliSecurity: Phone and Web portal requests authenticated via SecurID. SP validates change request, presents alternative as needed |
IntelliSecurity: SP delivers VPN SW to the managed firewall security POC; POC is responsible for distributing SW, user-names and passwords to end-users |
Secure Web Portal |
Yes |
SafeGuard VPNs are Standalone Services; IntelliSecurity is a Firewall option. Both can support VoIP traffic. For IntelliSecurity only: can add more S2S and RA VPN connections, Help Desk for Remote VPN Client Support. |
| VeriSign, Inc. |
Request opened via phone, e-mail, or Web-based ticketing system; SP manages request through Acknowledgement, Validation & Implementation stages, providing client with feedback / status at each step |
SP's customer project manager works with defined customer representative in deploying VPN client software | Secure Web interface through Portal, and FTP if needed |
Yes | Firewall-resident and dedicated concentrator services available for both S2S and RA VPNs. Add-ons include Managed Authentication (via ActivCard or RSA tokens), IT Administrator support for VPN client, Managed PKI, Firewall & IDS. SP monitors health, performance & security events. Suspicious activities are normalized and analyzed; security engineers are automatically engaged as needed. Includes free vulnerability scans of VPN device during initial deployment and quarterly. |
| MCI (WorldCom) |
SP will make policy changes at customer's request, or customer admin can make changes to client policy via Web-based ESM database; policy updates are pushed from VPN server to client on user's PC | IPsec client can be installed with or without SP's dial client. Can install SW from CD provided with VPN gateway device or downloaded from website. If Access Manager dialer solution is installed, IPsec SW is automatically pushed to user's PC upon connecting to SP's network | Interfaces include CLIs, Web GUIs, Client GUIs, SNMP for layer 3 VPN management, read-only SNMP to router MIBs, near-real-time performance data from VPN routers (with VIPER tool or Platinum Package), extensive dial statistics (via Access Manager), and Web reports from Nortel and Cisco VPN devices |
Yes |
Service does not require use of SP access links, but SP can provide wide variety of S2S and RA links, globally. VPNs can support VoIP traffic. VPN add-ons include bandwidth management, hardware encryption card, RAM upgrade, & other SP offerings like personal and managed firewalls, VPN device colocation. |
| Provider
|
|
VPN Client Installation
|
Log & Report Interface(s)
|
|
Additional Comments
|
