RA510 Series
The RA510 Series of rack-mountable proxy appliances provides small to mid-sized sites with the power to extend remote access to employees, partners, and customers while delivering on demand endpoint security and information protection features.
- Blue Coat RA510 Datasheet 0.36MB
- Blue Coat Overview Brochure 0.76MB
Typically deployed within the DMZ, the SG510 platform provides remote employees and third parties granular access to corporate applications. Extensive support for unmanaged devices, such as home desktops, partner PCs, and Internet kiosks, by never requiring local admin rights or VPN client software and through a rich set of information protection features to block information leakage at the endpoint, such as browser cache encryption and complete session cleanup.
Object-based policy management enables intuitive and flexible rules that control access to resources based on user, target resource, security profile of the device, time of day, and whether the user's endpoint is corporate-managed or unmanaged. The RA510 features LAN-speeds and support automatic failover without requiring the user to re-authenticate.
RA Connector - On Demand Access for All Applications
Blue Coat RA delivers an all-in-one remote access and endpoint security solution that leverages patent-pending Connector technology to provide access from both corporate-managed and unmanaged endpoints. Through the RA Connector, RA extends access to a rich set of Web and non-Web applications without ever requiring the installation of client software, local admin rights or a system reboot. It does not require any port forwarding or network extension clients; all access is on demand. And, the application support is limitless: if the TCP or UDP application meets the following conditions, it will be supported without client software and without local admin rights.
- Application client initiates communication (e.g., Outlook contacting Exchange)
- Application client can be launched (or re-launched) after RA Connector has loaded.
- Application must be running in user's environment (e.g., not a system service)
- Application cannot access internal file shares via drive mapping or UNC specification (such as S:\filename or \\server\filename)
If the application (Web or non-Web, off-the-shelf or proprietary, new or legacy) meets these conditions, RA will support it. No client software. No admin rights.
Additional Key Features
On Demand Remote Access
- Extensive application support without ever requiring VPN client software
- Comprehensive web application support without error-prone URL rewriting
- Single access mode for all users, eliminating the headache of managing multiple access modes for different users
- Support for locked down environments by never requiring local admin rights on end user devices for accessing web and non-web applications
- In office user experience (e.g. launch native applications from desktop)
- Application-layer access across all applications that never requires unrestricted network-layer connectivity
- No changes to desktop, leaving desktop as it found it when user session is over
Integrated Endpoint Security
- Pre-authentication and continuous spyware scan that leverages patent-pending AMP (Adaptive malware Protection) technology to provide a pre-login scan for framegrabbers and keyloggers and continues to scan for duration of user session
- AMP technology identifies and temporarily suppresses processes and programs identified as potential threats, such as framegrabbers and keyloggers, for the duration of user session without any permanent system changes
- On demand host integrity checks for a variety of conditions (such as personal firewall settings, antivirus software updates and OS patches and service packs)
- Application blacklists and whitelists to control which applications are allowed to be accessed / not accessed by the end user during the remote access session
- Configurable split tunneling to block or enforce split tunneling
Integrated Information Protection
- Browser security features encrypt all information stored by the browser, including cache, temp files and cookies, and clear all session information at the end of SSL VPN session using DoD 5220.22-spec file deletion
- Information usage controls for defining and enforcing what users can do with the information accessed and downloaded by web applications, such as blocking or allowing file save, print, save to clipboard, cut-and-paste, and screen print operations
- Framegrabber and keylogger protection by scanning for and suppressing keyloggers and framegrabbers to prevent spyware from stealing personal and corporate information
Granular Application & User Management
- Intuitive object-based policy manager controls user access to targeted resources
- Granular user and asset control defines access by user, target resource, source/location of user, time of day, and security profile of connecting device
- Policy wizard creates access policies in minutes
- Integrates with leading authentication schemes, such as Microsoft Active Directory, LDAP/LDAPS, RADIUS, RSA SecurID®, and TACACS+
- Flexible tiered access controls allow minimum security thresholds, such as requisite OS patches, AV updates or personal firewalls settings, when accessing specific applications and other resources
- System dashboard provides overview of system health (e.g. CPU usage and disk utilization), concurrent users logged on and overall system status
Scalability and Performance
- Supports 25, 50, or 100 concurrent users
- Transparent, automatic failover for uninterrupted connectivity
- Supports external load balancers to satisfy performance-critical applications
- High performance architecture to easily support LAN speeds
