Call a Specialist Today! 800-886-5369

Celestix WSA 8400 Unified Access Gateway
Comprehensive secure remote access to network resources for any user and from any location


Celestix WSA 8400 Unified Access Gateway

Celestix Products
Celestix WSA 8400 Series
Celestix WSA 8400 Unified Access Gateway
Including CAT6 Ethernet Cable, 2 x Power Cable, RJ45 Connector Cable, and Rack Mounting Slides
Contact us for pricing!

Click here to jump to more pricing!

Overview:

Celestix is committed to continue servicing the market for Microsoft UAG 2010 until 2023, allowing existing customers to continue depending on the product with peace of mind. It also enables new customers to depend on UAG without any concern about the lifecycle of the product.Organizations of all sizes rely on UAG 2010 to deliver comprehensive, secure remote access to corporate resources for employees, partners and vendors on managed and unmanaged PCs and mobile devices. UAG strength lies in its reverse proxy and application based SSL VPN comprehensive functionality combined with its relative simplicity of utilizing a combination connectivity options ranging from SSL VPN to DirectAccess. The technology is widely deployed in the market and is a trusted component of many thousands of networks worldwide.

Celestix WSA delivers secure, anywhere access to corporate resources with Microsoft Forefront Unified Access Gateway (UAG) 2010. Through a centralized management portal, organizations can securely publish applications to any users from a range of endpoints and locations, including managed and unmanaged PCs and mobile devices.

Celestix WSA supports a combination of connectivity options such as SSL VPN, Windows DirectAccess and SSTP as well as built-in configurations and policies. WSA integrates a deep understanding of the applications published, the health of the device being used to gain access, and the user’s identity to enforce granular access controls and policies.

Microsoft Forefront Unified Access GatewayHighlights

  • Secure publishing of on premise applications regardless of type
  • Seamless integration with Microsoft applications such as SharePoint, Exchange and OCS/Lync
  • Control access to cloud based applications such as Salesforce, Google Apps, and Office 365
  • Enables a variety of access methods including SSL VPN, SSTP, and DirectAccess
  • Endpoint device health control and manage out capability
  • Control access based on endpoint compliance against policy
  • Multiple server array deployment
  • Integrated single sign on and authentication options
  • Granular access policies
  • Supports Windows Server 2008 (x64)
  • Built-in firewall
  • SQL logging
  • Reduces total cost of ownership by consolidating infrastructure
  • Reduces support costs by simplifying connectivity for users

Seamless and Secure Remote Connectivity with DirectAccess

With WSA and Windows 7/8/8.1, mobile workers can seamlessly and securely access the corporate network using DirectAccess. WSA appliances can be configured as DirectAccess servers enabling domain computers to transparently connect to the network regardless of that user’s location, without requiring any additional user input.

Integrated Security

WSA limits risk through a combination of access policies, endpoint health inspection, and user authorization information. Administrators can set up policies that specify prerequisites that endpoints must meet for each transaction. Endpoint health can be inspected using built-in UAG policies or through integration with Network Access Protection (NAP).

Simplified Remote Access

WSA consolidates and standardizes access to corporate resources through a single platform. The result is a simplified ongoing management and user experience security and corporate compliance.

Features:

Celestix provides numerous additional features that complement and enhance the use of UAG. Automated update services provide prescreened alerts and patches through the COMET web UI, and multiple backup and restore options provide solutions for disaster recovery. Celestix appliances are the de facto platform for the secure and risk-free deployment of UAG 2010, just ask the readers of Computing Security who voted WSA the Network Security Product of the Year 2011.

Secure, anywhere access

Secure, web-based access to business critical applications and data.

  • Differentiated and policy-driven access to network, server, and data resources.
  • Flexible application-intelligent SSL VPN from any device or location.
  • Highly granular access and security policy enforced at the session, application, and function levels.
  • Comprehensive basic and form-based authentication through Active Directory®, RADIUS, LDAP and HOTPin
  • Customizable, identity-based web portal with single sign-on (SSO).
  • Handles embedded browser applications.
  • Connectivity and control for client/server and legacy applications.
  • Management features for DirectAccess VPN.

Protect IT assets

Integrated application protection helps ensure the integrity and safety of network application infrastructure by blocking malicious attacks.

  • Application-layer firewall blocks non-conformant requests, such as buffer overflow or SQL injection, on application protocols.
  • Comprehensive protocol validation and deep content inspection with both positive and negative logic rule sets.
  • URL cloaking and full functionality for remote users through dynamic URL rewrite and HTTP parameter filtering.
  • Application optimizers provide out-of-the-box protection for high value applications such as SharePoint® Server, Microsoft® Outlook® Web Access
  • Comprehensive monitoring and reporting; integrates with third-party risk and policy management platforms.
  • Extensible infrastructure and tools for custom application publishing and scripting.

Simplified provisioning and management

Celestix WSA appliances provide a single platform through which to deliver and manage remote access. With built-in policies and configurations for common applications and devices, you can gain more control, more efficient management, greater visibility, and lower total cost of ownership.

  • Multiple server array deployment provides high availability and failover capabilities.
  • Supports Windows Server 2008 R2 (64-bit) operating system.
  • Simple application publishing tools for core applications such as SharePoint.

Built for purpose appliance platform

Celestix WSA appliances provide an award winning, hardened turnkey platform for the deployment of UAG 2010. Celestix optimizes both the hardware and software on the WSA appliance to ensure a risk-free “right first time” deployment. Celestix helps to lower the cost of ownership through reduced deployment timescales and increased hardware reliability.

  • Rapid deployment with jog dial, LED display and intuitive interface.
  • Simplified administration with COMET user interface.
  • Automated patching and updates for application, OS and firmware.
  • Out of band management.
  • A range of appliance form factors for enterprises of all sizes.

Celestix WSA and SharePoint:

Collaboration has become an essential force in the workplace as groups of colleagues work together to solve problems, complete projects and perform other essential day-to-day business operations. Using products such as Microsoft Office SharePoint Server 2010 and Windows SharePoint Services 3.0, information workers throughout a company can work jointly on documents as well as post files, participate in threaded discussions, link to dynamic Web content, and generate tables based on information in corporate databases. In addition, companies can use these tools to collaborate with partners and customers around the world.

Unfortunately, this collaborative environment is often limited to on-network use or is accessible only via cumbersome virtual private network (VPN) schemes from fully managed client machines. Wouldn’t it be great if you could safely access your SharePoint portal from anywhere at any time?

Celestix has the tools to make that happen. By combining the Celestix WSA running Unified Access Gateway 2010 with Microsoft Forefront Security for SharePoint, you can:

  1. Increase productivity: Allow users to access SharePoint resources from any Internet connection.
  2. Enhance the end-user experience: Maintain the familiar look and functionality of the SharePoint site while working off the network
  3. Bolster security: Help ensure that access to resources is secured and document content is clean and free from malware and inappropriate information.

Celestix WSA Unified Access Gateway delivers comprehensive, secure remote access to corporate resources for employees, partners, and vendors from a diverse range of endpoints and locations, including managed and unmanaged PCs and mobile devices. Celestix WSA integrates a deep understanding of the applications published, the state of health of the devices being used to gain access, and the user’s identity to enforce granular access controls and policies.

Seamless and secure remote connectivity to SharePoint

Seamless and secure remote connectivity to SharePoint

With SharePoint and Celestix WSA, mobile workers can seamlessly and securely access the entire corporate site wherever they have an Internet connection. The organization can benefit from UAG’s ability to control access dependent on user profile, access rights and security posture of the endpoint.

  • Protect the SharePoint deployment with a hardened edge solution and built-in firewall
  • Simplify deployment using built-in wizards and tools
  • Publish SharePoint natively without any unnecessary user interaction with UAG
  • Publish SharePoint through a portal along with other applications
  • Support scalability and ongoing administration through built-in array management and integrated load balancing.

Secure Connectivity for Microsoft BPOS:

Many enterprises are turning to cloud-based business applications to trim the high cost of hosting applications in house. Business Productivity Online Suite (BPOS) is Microsoft’s hosted (cloud) solution for communication and collaboration. BPOS includes Exchange Online, SharePoint Online, Office, Live Meeting, and Microsoft Office Communications Online. Protecting access to BPOS hosted applications and data presents some new challenges to network security professionals.

Celestix WSA appliances with Microsoft UAG SSL VPN software and Celestix software customizations are the new, powerful solution for protecting access to BPOS. WSA appliances are the first and only solutions that deliver BPOS to users through Microsoft’s UAG SSL VPN. WSA appliances also offer a suite of unique features engineered by Celestix that enhance the security and performance of BPOS deployments as well as enable the integration of BPOS/UAG with existing network infrastructure.

Microsoft BPOS Diagram

Microsoft UAG Secure Access

UAG’s browser-based SSL VPN provides users with secure access to applications regardless of their location. UAG controls access from any endpoint at any location such as kiosks, PCs, and mobile devices. UAG is more than a simple SSL VPN. UAG delivers:

  • Policy-Based Access
  • Application Intelligence
  • High Flexibility for Configuration
  • Network Separation
  • Endpoint Security and Health Compliance
  • Application control that BPOS lacks

Proprietary Celestix Software Integration for BPOS

The Only UAG and BPOS Integration
Celestix’ WSA appliances are the first and only working integration of BPOS with Microsoft Unified Access Gateway (UAG).

Extend Active Directory Policies to BPOS
WSA appliances can extend Active Directory group policies to BPOS applications. BPOS by itself has no direct connection to corporate Active Directory or corporate authentication standards. WSA lets enterprises leverage the authentication scheme they normally use with BPOS. For example, if an enterprise uses LDAP (OpenLDAP) authentication, the WSA appliance software will provide the translation and mapping to BPOS.

Custom Deployment Modes
WSA appliances let you deploy secure access to BPOS three ways:

  1. Securely connect users to BPOS via the corporate LAN.
  2. Use the WSA appliance to authenticate remote users who connect directly to Microsoft’s BPOS server via the Internet. This mode saves network bandwidth.
  3. Use your WSA appliance to restrict user access to BPOS only through the corporate LAN for added security.

Protection Against Data Loggers
Celestix’ Virtual Keyboard feature on WSA protects BPOS users from keyboard loggers and other data loggers. Users click the on-screen keyboard to enter their passwords.

Single Sign On (SSO) and Authentication
BPOS does not natively share SSO capability with enterprise-hosted applications. WSA appliance software lets BPOS share SSO functionality with enterprise applications.

BPOS uses a client SSO application to provide SSO among BPOS applications. BPOS’ client app has two problems:

  • The SSO client only runs on Windows XP and Windows 7 devices
  • Because the BPOS SSO runs on the client, you should not install the client on non-enterprise devices due to security concerns with certificates and SSO data. In contrast, WSA’s SSO feature runs in the appliance. This raises no certificate and SSO data issues on a client computer.

WSA appliances extend UAG’s single and multi-factor authentication methods. WSA appliances also deploy Kerberos Delegation support for authentication and application single sign on.

Celestix’ Adds Two-Factor Authentication
BPOS does not support 2FA. WSA appliances support Celestix’ HOTPin tokenless 2FA system as well as RSA, Vasco, Smartcards, and other 2FA systems.

Celestix’ CAPTCHA
WSA’s CAPTCHA authentication feature protects against automated bot attacks. If authentication attempts fail in succession, new CAPTCHA challenges appear before continuing. This insures users are people, not scripts or “hack machines.”

Celestix Appliance Advantages

WSA appliances are purpose-built security appliance solutions. Celestix builds appliance hardware with high-speed components and architecture throughout to maximize the performance of UAG. Celestix forgoes the use of unnecessary components to harden the solution and keep costs low.

Celestix Comet appliance engine provides network administrators with ease-of-use features that save labor and costs at every phase of the deployment.

The Jog dial and front panel display permit headless communication with the network. For installation, you rack the unit, connect it to the network, power it up, and adjust network settings with the Jog Dial to have your security solution for BPOS live in fifteen minutes.

The WSA’s Web UI lets you remotely configure and manage the appliance and software through a single interface.

WSA appliances have on-box backup of configurations that let you return to the Last Good Version for easy recovery. Or, use the feature for one-button reset to factory presets if desired.

Celestix’ software update system delivers prescreened software updates, patches and alerts for all of your appliance’s software through a single convenient UI.

The Right Security for BPOS

WSA appliances are the only solutions now available for secure access to BPOS through UAG. With Celestix added security and appliance features, you can be sure that WSA will be the leading solutions for BPOS protection far into the future.

Deployments:

Celestix Salesforce SSO module for WSA

With the Celestix Salesforce SSO for WSA solution, Salesforce access is treated like any internal application accessed via the SSL VPN. In this manner, Celestix is able to enforce endpoint security compliance, leverage corporate access policies and manage permissions. WSA can be connected to local authentication repositories such as Active Directory without having to expose usernames/passwords to the cloud. This eliminates redundancy of user/policy information within Salesforce and thereby minimizes maintenance complexity. Click here for more information.

Celestix Salesforce SSO module for WSA

Celestix WSA appliances deliver Microsoft’s Forefront Unified Access Gateway 2010 (UAG) to provide policy based, granular and secure anywhere access to corporate resources. WSA supports multiple connectivity options including SSL VPN, DirectAccess, SSTP and RDP, allowing organizations to publish a broad range of applications and resources and providing users with granular levels of access in line with their level of trust.

UAG’s ability to interrogate the endpoint and determine levels of health and trust prevents endpoints that don’t comply with corporate health and security standards from connecting to the network. Further, UAG lets administrators expose only the applications, or parts of applications, to only the users or user classes they wish to authorize. For instance a trusted user logging in from an endpoint that does not fully comply with corporate policy may just be allowed read-only access to email or limited access to sites or zones within a SharePoint site.

Sessions through the WSA are encrypted, preventing unauthorized access to any sensitive information left on intermediate servers, while session wipers remove data from endpoints when a sessions ends.

The WSA appliance range is the award winning, market-leading deployment platform for Microsoft UAG 2010. WSA appliances are built for rapid deployment, simplified management and high performance. The COMET software engine provides an intuitive and feature rich web UI that allows for advanced configuration for both UAG and the appliance.

WSA powered by Microsoft UAG, secure remote access from Celestix business anywhere solutions.

Product Details:


Administration

  • Celestix COMET management console
  • Web UI and wizards
  • Integrates with Active Directory
  • Front panel display and jog dial
  • Includes standard configurations for enterprise applications and extensive customization capabilities
  • Units are shipped pre-hardened with comprehensive policy configurations

Logging and Reporting

  • Supports monitoring, logging, and reporting for management and accounting
  • Event monitoring of users, applications, and time periods
  • Event logger records system usage and user activities and send alerts to the administration console
  • Event query tool with pre-configured templates for full reporting capabilities
  • SQL logging

High Availability

  • One-button system recovery
  • Remote drive service
  • Load balances traffic to array members, using integrated Network Load Balancing (NLB) or a hardware load balancer

Endpoint Access Controls

  • Endpoint policy allows administrators to define compliance checks and verify endpoint settings such as active security software
  • Delivers a standard SSL VPN portal and login pages for easy setup, customization, and administration
  • Built-in certificate authority that grants a trusted endpoint certificate for a specific machine on request
  • Integrates Windows Server 2008 NAP technology to verify client endpoint compliance against NAP policies

Connectivity Options

  • DirectAccess
  • Remote port and socket forwarding over an SSL tunnel
  • Remote Desktop Gateway (RDG)
  • Network-level SSL VPN, with support for both the SSTP and Network Connector protocols

UAG 2010 Licensing

  • Includes OS license
  • Requires a Client Access License (CAL) for each named or authenticated device or user

Specifications:

WSA 8400 Front and Rear Views


  WSA 3400 WSA 6400 WSA 8400
MSA Series Model WSA 3400 WSA 6400 WSA 8400
Type of Business Designed for small to mid-sized enterprises Designed for large and multinational enterprises Designed for large and multinational enterprises
Recommended Users Up to 500 500 - 5,000 5,000 - 15,000
Form Factor 1U 1U 2U
CPU Intel i5 Intel E3 2 x Intel E5
Number of Processors 4 Cores 4 Cores 12 Cores (hyperthreading)
Memory 8 GB 16 GB 16 GB
Cache 6 MB 6 MB 15 MB
Hard drive SATA-II 120 GB available storage SATA-II 120 GB available storage
2 x 160 GB hot-swappable hard drive
SATA-II 300 GB available storage
4 x 160 GB hot-swappable hard drive
Hot-Swappable Fans
Power Supply 220W auto-switching universal 110/220V AC power supply Redundant hot-swappable power supply 2 x 250W Redundant hot-swappable power supply 2 x 500W
Disk Mirror RAID - RAID 1 RAID 6
Gigabit Ethernet Ports 6 6 8
Dimensions (H x W x L) 1.75” x 17.3” x 13.0” inches 1.75” x 17.3” x 21.5” inches 3.5” x 17.4” x 23.25” inches

Options & Upgrades:

Celestix WSA Upgrade Program

Introduction - By participating in the Celestix Upgrade Program, you ensure your network is protected by the very latest in security, reliability, and performance available without hurting your bottom line. The Celestix Upgrade program is available to current Celestix customers with earlier generation products wishing to upgrade to our latest line of unified access solutions.

Details - Celestix customer is able to upgrade an earlier generation Celestix appliance, to eligible new Celestix solutions at 25% off the standard purchase price. To activate Upgrade products one must simply retire the eligible earlier generation Celestix appliance already on their account with 8x5 or 24x7 support contract. Not all devices are eligible for all Upgrade appliances. Specific eligibility details are outlined in the “Eligibility Chart”.

How to Purchase Celestix Upgrade Products - If you have an eligible product you would like to upgrade, simply purchase the Upgrade part number that corresponds to the desired available Upgrade product. Celestix products with unique Trade Up part numbers are available through this website. The discount is built into the price so you see the savings instantly.

Activating Upgrade Products - During activation of the Upgrade product you will be required to identify an eligible product on your account to be replaced. The specific device must be active in order to complete the activation of the Upgrade product. (To verify that the device you wish to replace is active please contact us) Once the eligible device has been identified, it will be retired and the new box will become active.

  • Retired product will be removed from the customer’s Support contract account
  • Retired product will not be eligible for upgrades, support, or software updates

Further Action Required - To complete the process, a certificate of retirement (CORE) must be completed and returned to Celestix within sixty (60) days of activation. The CORE can be returned via an email to upgrade@celestix.com. The CORE will certify that the retired device used in the upgrade has been destroyed and properly disposed of in accordance with local environmental standards. Celestix reserves the right to deactivate the new Upgrade product if at any time if the Upgrade product is determined to have been activated in violation of any of the Upgrade Program’s Terms and Conditions.

Terms and Conditions:

  1. Celestix Networks reserves the right to deactivate an Upgrade product at any time if found to be in violation of program guidelines.
  2. Distributors or resellers found to be abusing the Celestix Upgrade Program may face penalties from Celestix, which may include but are not limited to: termination of partnership status, loss of specific partnership benefits as deemed appropriate by Celestix, and/or exemption from participating in any or all Celestix promotions and/or programs that benefit partners and/or end users.
  3. Celestix reserves the right to change or cancel any aspect of this program at any time.
  4. Upgrade offer valid for Celestix WSA Series products only.
  5. For certain products Upgrade is restricted, review “Eligibility Chart” for qualifications.
  6. In order to be eligible for the Upgrade Program, the device being upgraded must be activated in the same Support contract account that the new Upgrade product will be activated in.
  7. Device being upgraded must not have been previously retired or otherwise deactivated prior to activation of new Upgrade product.

Client Access Licenses (CAL) - WSA customers must have UAG Client access licenses for each user using the gateway. IAG CAL’s cannot be applied to UAG systems therefore new CAL’s must be purchased. Please contact us to purchase licenses.

Documentation:

Download the Celestix WSA Series Datasheet (.PDF)

 

Celestix Products
Celestix WSA 8400 Series
Celestix WSA 8400 Unified Access Gateway
Including CAT6 Ethernet Cable, 2 x Power Cable, RJ45 Connector Cable, and Rack Mounting Slides
Contact us for pricing!
Celestix WSA 8400 Series 8x5 Support & Maintenance
Celestix WSA 8400 8x5 Support, 1 Year
Contact us for pricing!
Celestix WSA 8400 8x5 Support, 3 Year
Contact us for pricing!
Celestix WSA 8400 Series 24x7 Support & Maintenance
Celestix WSA 8400 24x7 Support, 1 Year
Contact us for pricing!
Celestix WSA 8400 24x7 Support, 3 Year
Contact us for pricing!