Neoteris, Inc. this week announced version 2.0 of its Instant Virtual Extranet (IVE) platform, an appliance that can now enable instant, secure access to a range of enterprise applications for remote or transient users.

The first version of the IVE enabled secure access to Web applications, says Jason Matlof, director of marketing for Neoteris, based in Mountain View, Calif.

Version 2.0 adds support for a range of client/server applications, including Lotus Notes, Microsoft Outlook, SAP enterprise resource planning systems and Microsoft Terminal Server applications.


The IVE is intended to address two issues Matlof says have kept many users from providing ubiquitous access to enterprise applications to internal employees, customers and business partners.

One is the security risk implied in giving remote users access to the corporate network, while the other is the non-scalable cost of existing technologies such as virtual private networks.

Even if users employ the VPN client technology that is built into Windows clients, there is still significant administrative overhead involved in configuring each client, managing policies, dealing with interoperability problems and so on.

Neoteris' IVE is a hardened gateway upon which users load a publicly resolvable DNS entry, enabling it to be reached by any user with an SSL-capable browser. On the back end, the IVE device handles communication with Web servers and other application servers, with users able to define policies dictating what resources various remote users and groups can access. Users can take advantage of their existing authentication and authorization tools to ensure only authorized users access the network.

More Secure Than A Traditional VPN

With version 2.0, users still connect to the IVE via a Web browser, but the IVE launches a proxy session with backend servers for email, ERP and other applications. The IVE acts as an intermediary, masquerading as the application client to the host. "Our appliance speaks like a client to the native internal resource," Matlof says. At the same time, the IVE requires no changes to the internal applications.

Matlof says the IVE is more secure than a traditional VPN because it does not provide a full-blown network connection to remote users. Rather, they can reach only the hardened IVE appliance. The device is also inherently scalable because it can be used by anyone with an SSL-capable browser.

Even with all the translations going on between the IVE and back-end servers, Matlof says the delay is "imperceptible." While testing for version 2.0 is not yet complete, he says the first version delivered a delay of no more than 2 ms with 1,000 users on a single appliance. "It's even less for email," he says.

Pricing for the IVE starts at $9,995 for a device that supports 50 users in a single group and ranges to about $100,000 to support 1,000 sessions with more robust access controls and group management functions.