The new version of the product is called ST2+. Aventail is moving away from describing it as an SSL VPN, preferring instead to call it a remote access control platform instead.
Because such VPNs usually deliver their client agents through the browser, the company had to do some work on its software to make it work with IE7, which has tightened restrictions on executable software coming in via the browser.
As SSL VPN agents come in through the web, so does malware, so IE7 not allowing agents to be provisioned transparently, as Aventail executives say, is a double-edged sword. SSL VPN makers are having to work around these security measures.
Aventail has also updated the End Point Control part of its software, which checks whether endpoints are carrying antivirus, anti-spyware and a firewall. Instead of making customers manually add software to the approved list, they can now select from a list of 100s of applications put together by Aventail.
ST2+ also now has a software keyboard that can be used at login. While such virtual keyboards are not foolproof, they do protect against attacks by conventional keystroke loggers.
Aventail has also started selling a $995 reporting tool with a selection of template reports that can be used to gain insight into and audit VPN usage. This software is a separate install, OEMed from a company called FlowerFire Inc.
