Blue Coat ProxyRA Appliances

RA Connector – On Demand Access for All Applications

Blue Coat ProxyRA delivers an all-in-one remote access and endpoint security solution that leverages patent-pending Connector technology to provide access from both corporate-managed and unmanaged endpoints. Through the RA Connector, ProxyRA extends access to a rich set of Web and non-Web applications without ever requiring the installation of client software, local admin rights or a system reboot. It does not require any port forwarding or network extension clients; all access is on demand. And, the application support is limitless: if the TCP or UDP application meets the following conditions, it will be supported without client software and without local admin rights.

1. Application client initiates communication (e.g., Outlook contacting Exchange)
2. Application client can be launched (or re-launched) after RA Connector has loaded.
3. Application must be running in user’s environment (e.g., not a system service)
4. Application cannot access internal file shares via drive mapping or UNC specification (such as S:\filename or \\server\filename)

If the application (Web or non-Web, off-the-shelf or proprietary, new or legacy) meets these conditions, ProxyRA will support it. No client software. No admin rights

Additional Key Features:

On Demand Remote Access

• Extensive application support without ever requiring VPN client software
• Comprehensive web application support without error-prone URL rewriting
• Single access mode for all users, eliminating the headache of managing multiple access modes for different users
• Support for locked down environments by never requiring local admin rights on end user devices for accessing web and non-web applications
• In office user experience (e.g. launch native applications from desktop)
• Application-layer access across all applications that never requires unrestricted network-layer connectivity
• No changes to desktop, leaving desktop as it found it when user session is over

Integrated Endpoint Security

• Pre-authentication and continuous spyware scan that leverages patent-pending AMP (Adaptive Malware Protection) technology to provide a pre-login scan for framegrabbers and keyloggers and continues to scan for duration of user session
• AMP technology identifies and temporarily suppresses processes and programs identified as potential threats, such as framegrabbers and keyloggers, for the duration of user session without any permanent system changes
• On demand host integrity checks for a variety of conditions (such as personal firewall settings, antivirus software updates and OS patches and service packs)
• Application blacklists and whitelists to control which applications are allowed to be accessed / not accessed by the end user during the remote access session
• Configurable split tunneling to block or enforce split tunneling

Integrated Information Protection

• Browser security features encrypt all information stored by the browser, including cache, temp files and cookies, and clear all session information at the end of SSL VPN session using DoD 5220.22-spec file deletion
• Information usage controls for defining and enforcing what users can do with the information accessed and downloaded by web applications, such as blocking or allowing file save, print, save to clipboard, cut-and-paste, and screen print operations
• Framegrabber and keylogger protection by scanning for and suppressing keyloggers and framegrabbers to prevent spyware from stealing personal and corporate information

Granular Application & User Management

• Intuitive object-based policy manager controls user access to targeted resources
• Granular user and asset control defines access by user, target resource, source/location of user, time of day, and security profile of connecting device
• Policy wizard creates access policies in minutes
• Integrates with leading authentication schemes, such as Microsoft Active Directory, LDAP/LDAPS, RADIUS, RSA SecurID®, and TACACS+
• Flexible tiered access controls allow minimum security thresholds, such as requisite OS patches, AV updates or personal firewalls settings, when accessing specific applications and other resources
• System dashboard provides overview of system health (e.g. CPU usage and disk utilization), concurrent users logged on and overall system status

Scalability and Performance

• Supports 25, 50, or 100 concurrent users
• Transparent, automatic failover for uninterrupted connectivity
• Supports external load balancers to satisfy performance-critical applications
• High performance architecture to easily support LAN speeds