KEMP Technologies has announced that all of its Application Delivery Controllers (ADCs) and load balancers now feature enhanced edge security gateway functionality to protect published workloads and improve user application performance. By combining advanced Layer 7 load balancing and content switching for application optimisation along with critical security features, KEMP provides an alternative to fill the gap left by Microsoft's decision to ‘end-of-life' its Forefront Threat Management Gateway (TMG).
In addition to features such as Single-Sign-On, pre-authentication and SMTP domain filtering, new enhancements across the board for KEMP LoadMaster's Edge Security Pack (ESP) include:
Dual-factor authentication w/RSA SecurID
Integration with RSA SecurID allows ESP-protected workloads to comply with organisational requirements of dual-factor authentication for Internet-facing services and provides enhanced security for published applications.
Official support for application workloads
In addition to support for Microsoft Exchange, the same level of application-specific optimisation has now been extended to include Microsoft SharePoint, Active Directory Federation Services (ADFS) and Generic IIS (Internet Information Services) based applications and websites.
User access to ESP-protected application services can be blocked after a defined number of failed login attempts. The list of blocked users can be manually edited by a LoadMaster system administrator or configured to unblock user lockout after a set interval.
RADIUS Authentication Support
When enabled, a RADIUS authentication provider must verify user credentials and other attributes based on configured policies prior to allowing access to ESP-protected application services.
Group Membership Validation
Access to ESP-protected virtual services can be restricted to users based on security group membership, providing additional access control around identity verification.
In addition to intelligent L4-7 application-focused load balancing, KEMP LoadMasters offer core security features such as IPS, SSL bridging for secured traffic flows, customisable ciphers for SSL negotiation and TCP connection termination, providing a way for customers to securely publish applications.
KEMP LoadMasters also incorporate many features to support the impending transition from IPv4 to IPv6, such as mixed-mode interface addressing along with IPv6 ACL (Access Control Lists) support and the ability to simultaneously address and manage virtual services and target servers across IPv4 and IPv6 address spaces. In independent testing, the KEMP LoadMaster was found to perform on par and in some cases, better, in IPv6 infrastructures as compared to IPv4 environments.