In many enterprises and public institutions, the IT support system often comprises an internal business network and a third-party business network. The internal business network mainly uses the OA, ERP and CRM to handle and optimize internal business processes, while the third-party business network deals with business data interaction between the enterprise or public institution and its clients, partners, supervisors and other third parties.

Enterprises and public institutions need to establish a safe and economical business network for third-party access. Such an operation has the following features:
1. Complicated Network Access due to distributed locations
2. Difficult Security Authentication and Authorization due to Access from Varies Institutions
3. High adaptation requirements due to diversified Access Methods of Third-parties

Currently, operators, banks and other enterprise users in the sectors of financial securities, taxation, quality supervision, statistics, auditing and manufacturing face this problem.

 

SANGFOR Solution for Third-party Access
In 2005, SANGFOR released the world's first integrated VPN product - the IPSec/SSL, which has been a standard device in the VPN field. In 2008, 2009 SANGFOR SSL VPN ranked No. 1 with respectively 31.3% and 34% market share in the Chinese SSL VPN market.

As shown in the above figure, the solution adopts only one VPN device to enable third-parties to safely access the intranet of an enterprise or public institution through SSL VPN or IPSec VPN. If the third-party partner or user owns a sizable network and needs fixed access, SANGFOR can deploy an IPSec VPN device in the third-party network to connect two LANs. If the third-party partner or user owns no fixed access point and needs a mobile office, SANGFOR adopts SSL VPN to meet diversified business requirements.

 

The SANGFOR VPN automatically operates after startup and automatically reconnects after disconnection. Thus, the VPN with an unbroken connection suits the complex network environment of third-party users. In addition, the terminals don’t have to install any plug-ins and clients and face no technical challenges. Thus, the SSL VPN suits scenarios in which low numbers of third-party users are widely distributed.

 

The Value of SANGFOR Secure Third-party Network Access Solution
Efficiently Reducing Network and Operation Costs
By integrating the IPSec VPN and SSL VPN, enterprises and public institutions can deploy VPN in their head offices and large branches, and adopt SSL VPN for individual users, and small and scattered branches to access the head office’s network. This effectively reduces networking costs. By adopting this networking method, enterprises and public institutions meanwhile become less dependent on fiber optics and private lines and in turn reduce operation cost.

 

Enabling More Secure Third-party Access
Based on business cooperation, enterprises and public institutions strictly authenticate the identity of third-party users when they access the network. Different business access permissions are assigned at different identity levels. For example, a common supplier can access the supply and marketing system only, but not the CRM and financial system. This means visitors are authorized to access resources appropriately.

 

Building a Sustainable Business Network
The SANGFOR SSL VPN provides a cluster function if business expands and more third-parties need to access the network. Enterprises do not have to purchase a more advanced device to replace the old one, but deploy another SANGFOR SSL VPN, which can be different in model from the primer one, in their head office to partner with the previous device. In this way, load is balanced among several VPN devices, so devices can work more efficiently and more third-parties can access the network.