Secure remote access to applications through any web browser

Internet

Headquarters

SSL

Customers

Suppliers

Partners

Mobile Workforce

Applications

eMail

Web Applications

File Transfer

Telnet/SSH

Internet Cafe

SSL

• Ease of Deployment – a ‘clientless’ solution• Network Agnostic – firewall traversal • Mobile worker wants to use any internet

connected PC

Simple, ubiquitous, and proven to be secure

Why Secure flexible working

• Increase Employee productivity through high-bandwidth secure remote access to data and telephony applications

• Reduce your remote access costs for home-workers by using broadband access instead of ISDN

• Get 10 times the bandwidth of traditional remote access mechanisms (ISDN, Dial)

• Provide secure access to telephony, email, fax and intranet applications over a broadband connection

Why Nortel Networks

• Nortel Network provides Industry leading telephony application and extensive experience in the area of Telephony-VOIP, Unified messaging and Remote voice capability

• Nortel Networks Contivity is a scalable VPN device enabling secure Voice and data communication over a common Internet connection

• Contivity provides a graceful evolution Evolution from a purpose built IP VPN device to a comprehensive IP services gateway

• Nortel Networks has the knowledge and breadth of products enable a secure communication network.

Securing Your Business Networks

Internet

DSL

Branch Offices

Headquarters

IP Services Gateway• Encrypted• Authenticated• Resilient

How must we secure the business infrastructure?- IPSec

When:

• Cost is the driver not application performance

• Remote offices are “off the beaten track”

• Remote/mobile user has own PC available

Simple, ubiquitous, and proven to be secure

Ethernet

Cable

Business Case for Secure branch connectivity

10X the performance … for approximately 30% cost saving Plus added security and meshing of locations

Frame Relay Business DSL (VPN)

Monthly Circuit Charge $110 $80

Line Speed 64 Kbps .5 - 1 Mbps

Network Design Hub and Spoke IP Mesh

Security None IP Sec

Total annual cost $92,400 $67,200

In addition if we replaced the ISDN backup from 10 Large branches to ADSLWe get an additional 30% Cost savings.

IP VPN replacement of a regional 70 location Frame Network

What options are available for the Secure WAN connection

‘One of Everything’

Method

ContivitySecure IP Services Gateway

. Service charges for upgrade not included

Router upgrade / replacement was expensive and left significant issues unresolved

• 50% of the installed base could not be upgraded• Router downtime during upgrade an issue• Questions concerning router security integrity• No support for stateful firewall – would require 2nd box• Budget exceeded

Why Secure Branch Connectivity• Increased Security

• True end-to-end confidentiality provided by Encryption, etc

• Cost Savings for Connections• Using Broadband for access, rather than dedicated Leased

Line or Frame Relay, retiring RAS, etc

• Increased Bandwidth• Modern access technologies allow for higher access speeds

• Reduced OPEX• Simpler network topology means saving on equipment,

access connections, and management overhead

• Flexibility for Connections• Generic access technologies mean that any connection can

be added to the network, at anytime

Security-VPN Portfolio

Contivity 1700

Contivity 2700

Contivity 4600

Medium Branch 5-500 Tunnels25-100 Mbps 3DES VPN

200 Mbps Firewall

Med/Large Site 5-2000 Tunnels

50-120 Mbps 3DES VPN300 Mbps Firewall

Large Site 5000 Fixed Tunnels

100-140 Mbps 3DES VPN400 Mbps Firewall

Contivity 1000 Family

Small Office/ Branch 5-30 Tunnels10-15 Mbps 3DES VPN

100 Mbps Firewall

Contivity VPN Client

Alteon Application Switch 2424-SSL

Alteon SSL Accelerator 410

Alteon SSL Accelerator 310

Optivity Policy Manager

Securing Your Data Center

Strong perimeter security

What is a Secure Data Centre?

High performance intelligent network

Defined by Characteristics rather than Architecture

Centralised computing resources

What Are the Characteristics?

Characteristics match Requirements:

Secure but Accessible

Co$t Effective

Resilient and Reliable

Scalable and Flexible

Manageable

High Performance

What Are the Components?Alteon Security Manager

Alteon Application Switch

Alteon Content Cache

BayStack Switches

Alteon Switched Firewall

Alteon SSL Accelerator

Passport 8600 Routing Switch

Contivity VPN Gateway

Why Application Switching?The IT Department’s Dilemma

Critical BusinessApplications

EmployeeInternet Access

Server Load Network Load

ApplicationPerformance =

Budget

Tighter Security

Complexity

What is an Application/Web Switch?

• An ultra-fast Ethernet switch with integrated application intelligence

• A switch that uses application intelligence and health checking to enable a Dynamic Data Path

• A switching platform that can provide multiple layers of security functionality

• A solution that plugs into existing infrastructure to boost performance, reliability, and scalability, extending asset life Common application switch functions include load

balancing, security, and bandwidth management

Alteon Switch Applications

Server Load Balancing

Application LB

Global Server LB

Application Health Checks

Persistence Support

Source IP/Port

Cookies

SSL Identifier

Advanced Filtering

Layer 2-7 Attributes

VLAN Filtering

Accept, Deny, NAT, Redirect

Embedded Security Svcs

DoS Attack Prevention

Application Abuse Protection

SSL acceleration / VPN

Content Intelligence

Layer 7 Inspect

Cookie, URL, HTTP Header

User Agent (PDA, Browser)

Network Device Load Balancing

Firewall/VPN/IDS

WAN Links

WAP Gateways

Traffic Management

Bandwidth Management

ToS Marking

Network Services

Network Address Translation

VLAN Tagging

Trunking

Layer 2/3

Application Redirection

Web Site

Cache

SSL Appliance

Streaming Media

VPN

Alteon Switching Customer Benefits

Enterprise Benefits• Enhanced business

productivity• Simplified operations• A secure, reliable

network• Optimized

access/response for distributed/mobile employees and partners

• Maximizing IT return on investment

Service Provider Benefits• Improve performance,

reliability, and scalability of key services and applications• Server hosting• Security (Firewall, VPN,

IDS)• LDAP, DNS• Streaming (RTSP)• Many more

• Security enhancements• Wireless Application Protocol

(WAP) load balancing