Server Workload and Application Security Enhanced with KEMP ADC

April 28th, 2014 [KEMP] New Features Provide the Application Delivery Controller Market With Viable Migration Option from Forefront Threat Management Gateway (TMG)

NEW YORK, NY – April 28, 2014 - KEMP Technologies, the application-centric load balancer company currently leading the industry with price-to-performance advantages, announced today that all KEMP LoadMaster products now feature enhanced edge security gateway functionality to protect published workloads and improve user application performance.

Extending its value-for-money leadership, KEMP LoadMaster’s fully integrated edge security features offer the best combination of Layer 7 load balancing and content switching for application optimization along with critical security features. Combined, this provides the Application Delivery Controller (ADC) market with a viable alternative to effectively and affordably migrate from the Forefront Threat Management Gateway (TMG).

In addition to features such as SSO, pre-authentication and SMTP domain filtering, new enhancements across the board for LoadMaster’s Edge Security Pack (ESP) include:

  • Dual-factor authentication w/RSA SecurID
    Integration with RSA SecurID allows ESP-protected workloads to comply with organizational requirements of dual-factor authentication (soft token double-entry) for Internet-facing services and provides enhanced security for published applications.
  • Official support for additional application workloads
    Although commonly used for many applications, the first iteration of ESP was specifically optimized primarily for Microsoft Exchange. This same level of application-specific optimization has now been extended to include Microsoft SharePoint, Active Directory Federation Services (ADFS) and Generic IIS (Internet Information Services) based applications and websites.
  • Soft Lockout
    Failed login attempt handling can be configured to block user access to ESP-protected application services after a defined number of failed login attempts. The list of blocked users can be manually edited by a LoadMaster system administrator or configured to unblock user lockout after a set interval.
  • RADIUS Authentication Support
    RADIUS authentication is used extensively in enterprise applications. When enabled, a RADIUS authentication provider must verify user credentials and other attributes based on configured policies prior to allowing access to ESP-protected application services.
  • Group Membership Validation
    Access to ESP-protected virtual services can now be restricted to users based on security group membership, providing additional control around identity verification prior to allowing access to published applications.

In addition to intelligent L4-7 application-focused load balancing, KEMP LoadMaster offers core security features such as IPS, SSL bridging for secured traffic flows, customizable ciphers for SSL negotiation, and TCP connection termination, providing a way for customers to securely publish  applications. When combined with the new ESP LoadMaster feature set, additional complementary features are added for holistic secure application publishing.

KEMP LoadMasters also incorporate many features to support the impending transition from IPv4  to IPv6, such as mixed-mode interface addressing along with IPv6 ACL (Access Control Lists) support and the ability to simultaneously address and manage virtual services and target servers across IPv4 and IPv6 address spaces. In independent testing, the KEMP LoadMaster was found to perform on par and in some cases, better, in IPv6 infrastructures as compared to IPv4 environments.

 “As more devices are connected in the Internet of Things economy, there will be an exponential impact on the number of applications deployed, resulting in the need for more assigned IP addresses and security mechanisms. All of this points to the load balancer continuing to play a primary role in servicing modern application infrastructures,” said Atchison Frazer, CMO, KEMP Technologies. “Regardless of whether IPv4 or IPv6 is in use, critical lines of business enterprise applications, e-commerce storefronts, machine-to-machine traffic flows and hosted SaaS offerings must be highly available, secure and scalable.”

KEMP Technologies is participating at the Infosecurity Europe event, scheduled for April 29th through May 1st at Earl’s Court, London (Stand #K94). For more information, please visit http://www.infosec.co.uk/en/home/.