Juniper is upgrading its remote access platform to support IPSec or SSL sessions, deciding on the fly which technology is better suited for the current connection.
This is the first time a remote access vendor has incorporated both IPSec and SSL transport in an agent that is downloaded to a remote machine at the time of connection. The agent overcomes the objection that IPSec requires a separately installed client on remote machines. Juniper says it first tries IPSec because that technology has less inherent delay than SSL and so provides better performance.
As remote users try to connect over the Internet to a Juniper SSL VPN box at the edge of a business network, the device sends down a dual agent. If the IPSec connection is blocked, as can occur across network devices that swap private IP addresses for public ones, the software will fall back to an SSL connection, which can generally get through these network address translation devices.
In addition, Juniper is adding XML rewrite capabilities to the platform to make it possible to reach applications with XML-based content.
The company is upgrading its host-checker software that scans remote computers before allowing them to connect to a VPN.