Aventail Endpoint Control

How does End Point Control work?
Aventail End Point Control gives administrators the power to create highly granular access control rules that support today's broad range of remote access environments. Aventail's market-leading EPC increases security and flexibility using three essential components:

• Device Interrogation: Aventail End Point Control automatically interrogates the remote device any time a user accesses an Aventail SSL VPN remotely. To ensure that the access point is free of malicious software, or malware, like keystroke loggers and Trojan horses before allowing access, the Aventail solution automatically launches an agent from one of our best-of-breed client integrity partners such as Symantec Confidence Online or Sygate. This happens prior to authentication so login can be stopped if any malware is discovered. And, unlike the security precautions of other VPN solution providers, only Aventail EPC incorporates full cross-platform support, operating system detection, and client integrity checks for truly secure everywhere access.
   
• Policy Zones: Device Interrogation looks for certain applications or "watermarks" on the end point. For example, if a specified antivirus product or a personal firewall is present, Device Interrogation may instantly classify the end point into one of the predetermined Policy Zones—such as trusted, non-trusted, or semi-trusted. Each zone enables a different level of access, appropriate to its level of risk.
   
• Enhanced data protection and remediation: Users may inadvertently leave behind information at a hotel business center or an Internet kiosk if downloaded files, viewed e-mail attachments, Web pages, or passwords are cached on the hard drive. Aventail combines its market-leading data protection features, Aventail® Cache Control™ and Aventail® Secure Desktop™, with Policy Zones to provide the most flexible remote access options available. Remediation efforts launch the appropriate tools to allow access with complete security.