Other new features in version 2.1 include support for VNC, complementing the already supported Citrix and TSE remote desktop environments. With this technology Virtual Browser can be deployed as a universal telecommute/mobile office environment, delivering remote access to the corporate intranet, web services, virtual desktop environments and even physical desktop systems.

Version 2.1 also offers new levels of flexibility in user interface management. A key feature of the Virtual Browser architecture is that the rendering engine and user interface are separate entities. This means the system administrator can decide what look-and-feel is presented to the user independently of the underlying browser technology and plugins.  For example, with version 2.1 the user can be presented with an Internet Explorer-like user interface while the Virtual Browser appliance is in fact executing Firefox. In the enterprise environment where the slightest change to an application UI can impact productivity as ingrained users habits are challenged, this feature can greatly facilitate application updates and migration while limiting the impact on the end-user population.

Virtual Browser release 1.3 delivers support for transparent authentication modes so that, for example, user authentication for Virtual Browser sessions can be based on Windows logon credentials. On the server side, Virtual Browser can now integrate ICA and RDP clients, opening up a whole new range of possibilities for enterprise deployments.

Looking ahead, the objective is to position Virtual Browser as the universal client for the Cloud Computing era. For the enterprise moving to Cloud-based solutions, Virtual Browser offers a single, centralized point of control for multi-platform access to any web-enabled or virtualized application, wherever it’s hosted. By integrating support for ICA and RDP clients on the Virtual Browser server, end users can access web applications and Citrix or TSE applications through a single, secure, multiplatform browser interface.

The latest release offers improved performance, but more importantly for enterprise deployments multi-server support means that high availability and load balancing features are now available. It’s also possible to configure individual web sessions so that they are isolated on separate physical servers, optimizing network topologies and performance and further reinforcing application security.

Eagerly awaited by our most demanding users, these new features guarantee continuity of service for Virtual Browser end-users independently of the failsafe mechanisms offered by the underlying platform (the Virtual Browser server is designed for installation in VMware environment), while also improving scalability, optimizing performance when very large numbers of sessions are open simultaneously.

As far as I’m concerned this is a fantastic development which will allow businesses to focus on — well, what they do best, where they can add value. Information resources will be available on demand, like tapwater. Except that a packet of data is not like a drop of water; those data packets may be carrying business-critical data. The internet is a two-sided coin for the enterprise: one the one hand, on-demand access to flexible, massively scalable information resources ranging from basic hardware platforms to individualized services and applications software; on the other hand, the vector for increasingly intense efforts to penetrate enterprise information systems for criminal gain. In other words, the enterprise is in the process of migrating it’s information resources to the most stressful environment you can think of if you’ve ever had to think about information security.

If the Cloud Computing paradigm is to fulfill its promises, we urgently need to find ways of reducing the stress of internet dependency. We need to protect ourselves from the internet that threatens us, to get the full benefits of the internet that will make our business more agile, more responsive, which will allow us to evolve and progress. If we can’t make the internet “stress free” we’ll start seeing the (costly) development of parallel secure networks for enterprise applications.

If the best way to avoid internet attacks is not to connect to the internet, that’s clearly an unrealistic approach today. What we can do, however, is to segment different usages, isolating access to sensitive, business-critical data and applications from the potential threats. While building an entirely new network is probably a stretch too far, a more realistic solution, perfectly feasible today, is to isolate individual web applications by virtualizing access at the source, the browser itself. Enterprise end-users access sensitive business applications and data over the internet using secure tunnels carrying virtualized browser sessions. With the virtual browsers hosted in close proximity to the applications, data need never be exposed on the internet with this architecture. We can’t clean up the internet to make it entirely safe for your business critical data and applications, but by ensuring that critical systems and end-user browser sessions are protected from attack we can bring a “stress-free” internet experience several steps closer for the CIO.

• Strong authentication based on X.509 certificates increases protection for the enterprise and reduces the risk of security being breached by simple password theft from a compromised terminal.
• Role-based administrator access ensure that each admin only has the authority to execute authorised tasks (eg configuration, monitoring, etc).
• An IE6 rendering engine provides support for older web-based applications, incompatible with more recent browsers.
• Virtual Browser client installations are now available for Apple Macintosh OSX and Linux platforms, in addition to the Microsoft Windows client.

Additional minor modifications have been made to improve performance and ease of use, so that Virtual Browser remains the best solution for secure web access in the enterprise.

The report leads by identifying two priorities that need addressing: unpatched client-side software, and vulnerabilities in Internet-facing web sites. Based on data collected between March and August of this year, the authors show that application vulnerabilities now far exceed those being discovered in the operating system, commenting that “browsers and client-side applications that can be invoked by browsers seem to be consistently targeted”.

A well-developed tutorial included in the report describes one specific way in which the enterprise can expose itself to web-based penetration. But the report is full of interesting data, and merits the time to read it for any information security professional.

And so to Virtual Browser. If we find the report particularly interesting and relevant, it’s not just for the quality of the data. It’s also because our Virtual Browser technology successfully addresses and mitigates the situations described, something no other technology on the market today is capable of. By putting the browser in a datacenter-hosted virtual machine and isolating browsing sessions from each other, the enterprise is fully protected whether the client side or server side is compromised. Virtual Browser — the enterprise browser solution, Secure by Design.

Thoroughly tested and validated by users and industry experts, Virtual Browser release 1.0, available immediately, fulfils market demands for secure, mobile access to web-based applications.

After several months of testing by potential customers and partners, we launch the release of version 1.0 of the Virtual Browser solution. “The way Virtual Browser is designed inherently protects the user’s PC and the network against web-based threats” said Joseph Latanicki, security architect at Theresis, the innovation laboratory of Thales Security, Solutions & Services division, one of the industry specialists who has tested the solution. “It also facilitates the control of web usage in the enterprise, including analysis of content delivered over https connections. But looking beyond the security features, Virtual Browser also offers other key features making it easier for enterprises to deploy web-based application access”. In fact the Virtual Browser architecture, in addition to its “secure by design” guarantee, allows the enterprise to design and deploy new web services without having to worry about compatibility with multiple browser  solutions and releases or the problems of security on remote or mobile terminals. The optimum browser for any application is offered transparently to the user by the virtualisation architecture.

But RSA has (in a sense) come to our rescue! This year’s conference includes a side dish called the RSA Innovation Sandbox. Basically a start-up competition, RSA invites innovators like commonIT to sign up to deliver a four minute presentation and demo of their technology to a panel of industry gurus.

At the last count we were one of nearly 30 companies competing. If you’re registered to attend the RSA Conference you can help us by following this link and registering a vote for Virtual Browser.

And should we reach San Francisco, there’ll be a glass of Anchor Steam for any of our supporters we meet up with! Meanwhile here’s a preview of our 30 second demo video.

Among them, a long interview in Global Security Mag and some news on specialized French web sites like Security Vibes and Mag securs.

But this is just the beginning…

Virtual Browser is a new web browser that guarantees security and mobility by design.

Virtual Browser does not run on the user device but in a dedicated secure environment, on a virtual machine in a DMZ or “in the cloud”. Only presentation data (image, sound, keyboard, mouse,  print, etc.) are displayed on the user’s computer. The core of the browser runs on the remote software appliance, ensuring that attacks are unable to hit user data, end ponit devices or the network. Moreover Virtual Browser isolates web sessions on separate virtual machines according to their security level. This means business critical web services (such as CRM, online banking and so on) are safe and isolated from user web surfing.

Virtual Browser can also play the role of a remote client to access internal web applications. For mobile users, Virtual Browser maintains the user environment, so that the user always gets their personal bookmarks and cookies even when connecting from different devices - including PDAs and smartphones.

By the way, Virtual Browser can be used as a secure client to facilitate customer or partner access to enterprise web applications. With Virtual Browser the company can not only protect customers but also controla how they access business services. Because no IP connexion is mounted between the user’s computer and the application server, there is no risk of contamination from an infected device (so no need for end-point integity checking).