MCI is promising increased security for mobile and remote workers with a range of new security features and a new partnership.
The company has linked arms with Aventail to deliver SSL VPN technology and plans to introduce new features to its Remote Access suite of services, including technology to detect online fraud and scramble user passwords sent over MCI's global network, the company said.
SSL VPNs are an increasingly popular technology for providing remote users with access to network resources such as e-mail, software applications and network file servers.
As opposed to VPNs that use IPsec, clientless SSL VPNs do not require a separate software application to run on the remote user's machine. They also rely on the SSL protocol, which is a part of most common Web servers and Web browsers and widely used to secure e-commerce transactions.
This focus on security remote workers' access to corporate networks has also caught the eye of several other vendors, with Symantec, Configuresoft and StillSecure all releasing new products aimed at this market earlier in the week.
MCI's managed remote VPN service will allow customers to connect to corporate networks from any Internet connection using any computer with a Web browser, MCI said.
The new service will be integrated with MCI's desktop remote access platform, called Access Manager, and its administrative platform for Remote Access Service called Enterprise Services Management. That integration will make it simpler for administrators to manage user passwords and access policies, the company said.
MCI, which recently changed its name from scandal-tinged WorldCom, is also planning a series of moves to build security into Remote Access network services. The Remote Access program provides a range of security services and support for companies with employees who need to access corporate networks through wireless, DSL or Ethernet connections.
In May, the company will begin offering anti-fraud protection for Remote Access customers. The new features use patented anti-fraud technology called "MCI Sheriff" to spot fraudulent traffic generated when a user's account is hijacked by an unauthorized user, MCI said.
The company will also add support for Extensible Authentication Protocol (EAP) to Remote Access in the fourth quarter of 2004, MCI said. EAP is an authentication protocol designed to insure interoperability and compatibility between different user authentication systems. Support of EAP on MCI's global IP network will provide stronger authentication for user passwords and other data sent over that network, MCI said.
The company has been moving in recent months to increase security for its IP customers. In March, the company announced that it would offer a so-called "service-level agreement" to customers for denial-of-service attacks. The agreements promise a response from MCI's security team within 15 minutes of when a user calls MCI to report the attack and the carrier issues a trouble ticket.