Secure Authentication for Apple iOS Devices

As indicated by your feedback in several of our polls, and as highlighted at Interop New York, more and more users are opting to access their company network via various devices. Of all the devices involved in the BYOD movement, Apple iOS products are some of the most popular. In response to this demand, the NCP Secure Enterprise VPN Server now integrates with Apple’s iOS, so IT administrators can perform certificate-based authentication to control network access of iPhones and iPads. So, how does this work? Apple’s mobile device management (MDM) distributes various certificates to all authorized iOS devicies. When users establish VPN tunnels from their devices, the NCP Secure Enterprise VPN Server uses these certificates to determine what type of device the user is accessing the network with. This enables network administrators to, for example, allow a Mac OS X notebook full access rights, while limiting iOS devices to partial access to the central network. Also, users are unable to decipher or manipulate the certificates, significantly reducing the risk of certifications being duplicated for unauthorized devices. Security is, after all, one of the biggest concerns associated with BYOD. Ultimately, with its iOS secure authentication, NCP enables IT administrators to use certificates to control assignment rights on these end devices – without interfering with the user-determined username and passwords. Want to view the entire, official announcement? Check it out...

Readers’ Poll – Android OS

With the launch of NCP’s universal Android IPsec VPN clients this week, we’re curious to know which versions of the OS that our Android-equipped readers are using.  Are you ahead of the curve with Jelly Bean, behind the pack with Éclair, or tastefully in the middle with one of the other deliciously named updates Android has released in recent years? If there are particular features of each that you like –  or dislike –  let us know in the comments. [polldaddy...

Readers' Poll – Android OS

With the launch of NCP’s universal Android IPsec VPN clients this week, we’re curious to know which versions of the OS that our Android-equipped readers are using.  Are you ahead of the curve with Jelly Bean, behind the pack with Éclair, or tastefully in the middle with one of the other deliciously named updates Android has released in recent years? If there are particular features of each that you like –  or dislike –  let us know in the comments. [polldaddy...

NCP Releases First Ever Universal IPsec Clients for Android

Remaining at the front of the pack as always, today NCP engineering announced the release of two versions of its IPsec client that supports the Android 4.0 platform, the NCP Secure Android Client and Premium Android Client. The clients can be downloaded from Google Play and there is the option of a free 10-day trial. Outside of highly-secure access to corporate networks from all Android applications, including terminal-server clients and e-mail clients, the VPN clients also ensure seamless integration with the major enterprise VPN gateways: Cisco, Juniper, WatchGuard, Checkpoint, Microsoft Server 2008 R2 and others. Other features include: Both versions can be installed without rooting the operation system, and boast user-friendly graphical interfaces. Premium users can take advantage of an “auto reconnect” feature. For example, VPN connections interrupted by dead zones or changes in the transmission network, automatically reestablish connectivity. The premium software provides comprehensive protection against unauthorized access and supports one-time-passwords (OTP) and PKI certificates. When used in conjunction with the NCP Secure Enterprise VPN Server, the NCP Path Finder Technology enables secure VPN connections, even when IPsec connections are blocked via firewalls. NCP’s VPN software supports all technical communications and security standards including Internet Key Exchange (IKE) v1 and 2, IP address assignment via local IP address or IKE config mode, pre-shared key or PKCS#12 certificate support, XAUTH, and split and full tunneling network access. NCP has shown a strong commitment to staying on top of the latest trends in operating systems and mobile capabilities, already offering clients compatible with the Windows 8 Beta as well. Please stay tuned for more exciting updates! For more information on...

IPv6 Day 2012 – The Aftermath

Now that we’ve had a few weeks to consider the aftermath of IPv6 Day 2012, we wanted to look into what the industry is saying are the key takeaways – so far – from this year’s event, in which thousands of organizations switched over to IPv6 – permanently. After all, IPv4 website addresses are essentially exhausted, while IPv6 has more than 340 trillion addresses, according to the Internet Society. This, the organization points out, is an IPv4 address for every star in the universe. Mind-boggling, right? Here’s what else people are saying: IPv6 traffic didn’t spike on World IPv6 Day, but did see a gradual and significant increase starting two weeks before the actual day, 6 June, according to Arbor Networks. Internet Protocol version 6 traffic grew from 0.06 per cent to 0.15 per cent in that period, it said…The increased levels of IPv6 traffic has been steady since the event, Arbor added. “This shows that hopefully many of the newly enabled IPv6 services are here to stay – another important milestone on the road to ubiquitous IPv6 adoption.” – Adam Bender, ComputerWorld While the commitment to always-on v6 was a big one, some experts predicted that we wouldn’t see a big jump in traffic rates during this year’s World IPv6 Launch. The reason for this was that many of the providers who are committing to v6 had already turned up their networks ahead of the launch and would be running the day of the event. However, Owen DeLong, IPv6 evangelist for Hurricane Electric, predicted a small spike in traffic would occur on June 6, followed by a leveling off and gradual move upward...

Why Identification and Authentication Matter, Part 1

By Joe Schembri  I recently wrote about what should be included on a  remote access security checklist. A reader, very aptly, asked why identification and authentication were not on the list. I’d like to take a moment to address this – and retroactively amend my prior list to include identification and authentication. Here’s a basic overview of what identification and authentication entails. As we know, companies today are increasingly turning to remote workforces or allowing telecommute options for existing staff. As the number of offsite staff increases, companies must provide remote access in order to optimize workflow and efficiency. Of course, along with the benefits of remote access come additional security risks that companies must take appropriate measures to guard against. This is where identification and authentication become crucial to managing access and keeping the corporate network protected. Identification In order to be authorized to access a specific system or set of data, users typically must supply some sort of identification to prove that they are who they say they are. Identification can be any type of machine-readable name, such as user ID and email address. Authentication Once a user supplies their identification, a remote access system must then authenticate the identification in order to determine whether or not the user is authorized. Authentication is simply a process that verifies the identity of a user and the validity of their identification credentials. There are three types of authentication: What users know – includes passwords, PINs, and answers to security questions. What users have – includes ID cards, keys, and badges. What users are – includes retinal scans, fingerprints, and...