Devon Introduces New Appliance for Secure Remote Access
November 30, 2004 Alex Woodie
Devon IT recently launched NTAVO 5.0 Appliance, a new IBM eServer-based device designed to provide remote users with secure and easy-to-use access to applications running on OS/400, mainframe, Unix, Linux, and Windows servers. As a main application proxy, the NTAVO Appliance has advantages over other remote access techniques, such as virtual private networks and Citrix, the company claims.
Devon IT’s NTAVO Appliances are rack-mountable, Linux-based IBM xSeries servers (or IBM eServer BladeCenter systems on the high-end model) that use Tarantella‘s remote access technology to provide thin clients with secure access to host applications. On the back end, the devices communicate with servers through native 3270, Telnet, Remote Desktop Protocol (RDP), and X11/XDXMP (X Windows) protocols. On the front end, it converts these display protocols into Tarantella’s Adaptive Internet Protocol (AIP), which is encrypted via SSL and sent to the Java applet, running in a Web browser on the user’s thin client.
Only authenticated users are allowed access to the back-end server through the NTAVO Appliance. The device handles authentication either through the use of a USB-based SecurID token from RSA Security (which Devon IT sells) or with the combination of a user name and password. The NTAVO Appliance can grab user names and passwords against a variety of different data stores, including Unix passwords, Microsoft Active Directory, Microsoft Windows Domains, and Lightweight Directory Access Protocol (LDAP).
Devon IT says there are advantages to using its NTAVO Appliance in place of other techniques using virtual private networks or remote access technology from Citrix or Microsoft. As an alternative to VPNs, the NTAVO Appliance improves the security of remote access, because users don’t have to worry about providing direct access to their back-end systems, the company says. The device is also faster than competing Citrix or Microsoft products, because all of the emulations are performed on the NTAVO Appliance, and no software needs to be installed on the application server itself, the company says.
The simplicity and ease-of-use of the NTAVO Appliance is a major selling point of the product, which can be installed in a data center as soon as the customer takes delivery, the company says. No additional software needs to be installed on it, and once it’s connected to a network, only a few configuration settings, such as setting the IP address, the network mask, and the license key, are needed to complete an installation.
As the IT division of Devon Health, a healthcare provider located in King of Prussia, Pennsylvania (near Philadelphia), Devon IT eats what it sells. About two years ago, the company developed the NTAVO Appliance for use in its own data center, where it needed to provide its customers (predominantly small and midsized physicians’ offices) with secure remote access to Devon’s healthcare applications.
A company spokesman says Devon IT began offering the NTAVO Appliance as a commercial product to customers in China, who were increasingly concerned with Windows security, and who also needed a secure remote access platform. This past summer, the company launched the other members of its NTA Virtual Office, or NTAVO, including the AIP-enabled thin client terminal, called the NTAVO Terminal, and the NTAVO Appliance. Although these two products can be deployed in tandem, they don’t require each other in order to work.
The launch of the NTAVO 5.0 Appliance coincides with the roll-out of a new architecture built on Tarantella’s Secure Global Desktop Enterprise Edition Version 4. Previous versions of the appliance were built using technology from Netilla, a company spokesman says. Other new features included in NTAVO 5.0 include support for Windows Server 2003 and 24 bit color depth; universal PDF printing, to reduce the number of printer drivers installed on Windows 2000 and Windows Server 2003 application servers; a native client that reduces dependency on Java; and support for Unix passwords, Windows Active Directory, and LDAP user authentication.
Although the NTAVO Appliance can connect to OS/400 applications, it doesn’t support the 5250 protocol. OS/400 shops that want to use the NTAVO Appliance will need to use the 3270 protocol to connect remote users with OS/400 applications, the company says. While users can access OS/400 applications via the mainframe protocol, full support for the 5250 protocol would provide better and more thorough support for OS/400 applications. The company is currently testing OS/400 server connectivity and will support 5250 if there’s enough demand, the company says.
Devon IT is selling four NTAVO Appliances. The NTA 1100 device can support up to 100 users and costs $20,000. The NTA 1500 device can support up to 500 users and costs $100,000. The NTA 2000 and the NTA 3000 (which is based on the IBM BladeCenter frame) can support 1,000 users each and cost $200,000. All of these models support Unix and Windows connectivity; 3270 support is extra and ranges from $1,000 for 100 users up to $10,000 for 1,000 users. For more information, go to www.ntavo.com.