Alcatel-Lucent has released an updated version of its wireless-security appliance for laptop PCs.
The new version of OmniAccess 3500 Nonstop Laptop Guardian now works with other vendors' full hard-disk-encryption applications, emulates the smartcard some of these vendors use for encryption keys, and adds an SSL VPN. (Compare data-leak protection products.)
The 3500 is a PCMCIA card, running Linux, equipped with its own battery and an integrated 3G modem and GPS. It acts as both a 3G card and a network card, terminating VPN traffic from the laptop and storing encryption keys and other information. If the card is removed, the laptop can't be used. The wireless link and GPS let the PC be located and security features enabled even if the laptop is turned off.
As the name implies, full disk-encryption software encrypts all data on a hard drive, though hardware-based encryption alternatives are gaining adherents. Alcatel-Lucent created a new interface for these applications, which need to work with the 3500 software during the pre-boot phase. The 3500 card stores the encryption keys for the encryption applications, says Dor Skular, general manager of mobile security for Alcatel-Lucent's Enterprise Solutions Division.
In addition, the 3500 card now emulates a Windows smartcard, which some of these applications require be used during pre-boot authentication, Skular says. "It looks like a regular Windows smartcard, so no additional integration needs to be done," he says. "The smartcard always is with the laptop. If the laptop is lost or stolen, the enterprise IT group can, on demand, [wirelessly] wake up the device, disable the smartcard and wipe the disk, as well create a forensic audit for compliance purposes."
The new SSL VPN feature adds more flexibility for mobile users, Skular says. The previous version of Laptop Guardian uses an IPSec client to force every wireless connection to the network to take place through a VPN. In some cases, however, this blocks the laptop from making it through a firewall at, say, a customer's site. "By adding an SSL VPN, we solve this," he says. Alcatel-Lucent adds a "mini proxy" on the 3500 card, with HTTP filtering. "We only allow you to go to the address on the minority, which is set by the administrator, and is only the address of your SSL gateway," he adds.
In addition, the new version of the 3500 card lets a laptop be shared by employees -- police officers, for example -- without compromising security. Via Active Directory, IT can create groups of users that are authorized to use the PC. "You just log on as you do with any Windows logon," Skular says.
This story, "Alcatel-Lucent Adds Laptop Disk-Encryption Support" was originally published by Network World.