Click on the headings below to get detailed information on the features, functionality and benefits of the Mobility XE mobile VPN software.
-
> True Application Persistence
-
Critical Applications are Always Available
No other VPN can match Mobility XE Application Session Persistence — its ability to sustain application sessions even through suspend-and-resume cycles and loss of connectivity. Other VPN's in these situations lose application sessions—causing data loss and corruption, and forcing users to re-login and restart applications.
When a Mobility XE user encounters a coverage gap, open application sessions are maintained until the user's network connection is re-established. If a user loses connectivity while an application is transmitting data, Mobility XE suspends the transmission—for days if necessary. As soon as connectivity is re-established, Mobility XE resumes transmitting the data at the exact point the application was interrupted.
-
> Standards-Based Security
-
Protect Networks and Data with Standards-Based Security
Mobility XE secures network access and all data transmissions using strong, standards-based authentication and encryption, making tight security easy to manage and maintain. The VPN tunnel encrypts all data transmitted to guard against eavesdropping.
User-Transparent Security
Single sign-on and inter-network roaming capabilities make security transparent to the end user; workers only need to log in once for the duration of their session. There are no additional steps or passwords to remember, no matter how many different networks they use. For additional security against unauthorized use of stolen or misplaced devices, Mobility XE can enforce periodic user re-authentication, validating the identity of the person using the device.
Two-factor Authentication
Two-factor authentication is federally mandated for all law enforcement agencies, and is a wise precaution for commercial enterprises as well. It requires a second factor — something the user has — in addition to a password to successfully authenticate the user. Mobility XE supports two-factor authentication methods to allow organizations to comply with federal standards at minimal cost. In addition to native RSA Secured certified support for RSA SecurID, Mobility XE also supports smart cards or X.509v3 user certificates. By leveraging NTLM, RADIUS, and standards-based PKI implementations available from many vendors and built into Microsoft server operating systems, Mobility XE provides options for strong, two-factor user authentication with little or no incremental cost.
Device Authentication
Authentication of the device using X.509v3 certificates confirms that the device is an authorized corporate asset. This protects corporate resources from being accessed by legitimate users logging in from an untrusted, unsecure device. It also adds an extra authentication factor that can be bound loosely or tightly to the user; an individual may only be allowed to use a subset of devices, or a specific, personally assigned device. The ability to authenticate the device without an active user session is also a key management feature, supporting over-the-air device management using third-party policy, asset-management and control tools.
The Industry's Highest-Standard Encryption
FIPS 140-2 validated AES encryption modules are the United States government's standard for securing non-classified information. Mobility XE provides encrypts all data transmitted between the Mobility client and server with FIPS 140-2 validated AES encryption, in 128-bit, 192-bit or 256-bit strengths. Mobility XE provides the security advantages of an IPSec VPN without its configuration, client provisioning and management burdens.
NSA Suite B Encryption
In addition to FIPS 140-2, Mobility XE is the only mobile VPN to support NSA Suite B cryptography. Suite B is required by the US government for all networks handling information classified as secret. Use of Suite B algorithms is best practice for other industries. By employing Suite B cryptographic algorithms by default, NetMotion allows customer to be confident in the security of their mobile data.
Device Quarantine for Additional Network Protection
Because mobile device loss or theft can compromise information on enterprise networks, Mobility XE lets network administrators quickly and easily quarantine lost or stolen devices. Quarantined devices are unable to authenticate to the network and administrators can easily restore network access when the device is recovered.
-
> Wireless Performance Optimization
-
Optimize Performance Over Wireless Networks
Mobility XE wireless WAN optimization automatically reduces network consumption and improves throughput and application responsiveness, particularly over bandwidth-constrained or wireless networks.
The performance of other VPNs typically degrade over wireless networks, often by as much as 50%. Mobility XE uses link optimizations to reduce the number of retransmitted packets, excess control information and other network "chatter," and dramatically improves throughput by compressing data and images. Best-Bandwidth Routing technology ensures the fastest and most efficient available network connection is used.
For example, Mobility XE automatically roams to a WLAN connection the moment it becomes available—resulting in greater productivity, improved efficiency and reduced WAN expenses.
-
> Inter-Network Roaming
-
Roam Seamlessly Across Networks
Today's mobile workers use a variety of public and private networks such as conventional wired LANs, corporate Wi-Fi networks, third-party hotspots and Wireless WANs available through cellular carriers. Mobility XE InterNetwork Roaming capability lets mobile workers change networks seamlessly, transparently and securely without thinking about their network connections or needing to re-authenticate.
Mobility XE InterNetwork roaming is tightly integrated with network applications and single sign-on authentication so that users have application session persistence and do not have to re-login when they traverse networks, go in and out of network range, or suspend and resume their devices.
The Mobility XE server accomplishes this by establishing a virtual IP address on the VPN server for each VPN session. As users roam, enterprise application servers always see the same, unchanging virtual IP address rather than the user's network-specific IP addresses. With Mobility XE, there is no need to re-segment networks, implement VLANs or deploy additional hardware to enable mobile workers to traverse networks seamlessly. Plus, Mobility XE supports roaming between IPv4 and IPv6 networks. As wireless carriers begin to roll out IPv6, Mobility XE is ready to support the changes, helping you future-proof your mobile deployment. Your mobile workers can now focus on their work—not configuring, enabling and disabling adapters.
-
> Centralized Management
-
Powerful Management Console
No other VPN provides the spectrum of flexibility, visibility and control afforded by Mobility XE. Mobility XE's robust administrative console allows all aspects of the system to be observed and managed in one centralized location. The web-based interface gives administrators a complete system-wide view, from overall metrics down to device connections, worker behavior and application use. Detailed activity logs preserve a historical view of user activity. From the management console, administrators can quarantine devices that are misused, lost or stolen, as well as view device connectivity status, number of quarantined devices and even battery life. Administrators can search for information on a specific user or device, such as open applications, device operating system and interface or port in use.
Integration with Systems Management Tools
Unattended device access extends the reach of device and patch management tools to mobile platforms with true “over the air” management access. By using certificates to authenticate the device at boot time, Mobility XE provides a secure wireless connection that’s just as full-featured as an internal wired network. It supports device-management technologies such as Active Directory Domain scripting and software update policies, as well as other popular device-management suites. Users stay in the field and remote devices stay up to date – all without new investments in wireless-specific management tools.
Analytics Module
The Analytics Module proactively alerts administrators of pending problems by sending notifications, for more hands-off management.
-
> Deployment
-
Easy to Deploy
Award-winning Mobility XE is a software-only solution that helps minimize costs and complexity. It is simple to deploy, highly scalable and easy to maintain. And, its use is transparent to end users—no user configuration or training required. The Mobility XE architecture is comprised of server and client software. The Mobility XE server software can be installed on a server behind the firewall or in the DMZ. Lightweight Mobility XE client software is installed on each mobile device (client)—any combination of laptops and handheld devices including tablets, pocket PCs and smart-phones.