By Andrew Garcia  |  Posted 2004-05-10 Print this article Print

Designed for small and midsize businesses, AEP Systems SureWare A-Gate AG-600 was simple to set up and integrate into the network, and it comes at a very attractive price. However, the paucity of applications available without a full VPN client and some unseemly security holes make it tough for us to recommend the product.

Unlike the rest of the products we reviewed, the AG-600, which started shipping in March, sells for a flat price ($8,995 per device).

The AG-600 offers two modes of connectivity. A-Gate Anywhere provides clientless remote access to Web applications, as well as access to RDP (Remote Desktop Protocol) services such as Windows Terminal Services with a Java applet. A-Gate Central offers a SOCKS reverse proxy for TCP/UDP-based applications that requires a full client application installed on the end users machine. (The AG-600 was the only product we tested that required a full client to access file shares.)

The AG-600 integrated easily with our RADIUS and LDAP AAA (authentication, authorization and accounting) servers, but we could not tie each authentication server to a separate log-in page, as we could with the Juniper product. Wed also like to see AEP separate the user and administrator log-in pages.

The A-Gate Central client is available only for Windows client machines; Linux users can access Web resources via A-Gate Anywhere. However, we had a hard time using RDP services with Mozilla 1.6 on Linux because Mozilla has problems with the way AEP displays the Java applet.

We also came across a disturbing security problem with the AG-600s RDP SOCKS proxy. No matter what permissions we defined, any user could locate the published list of RDP hosts and connect to the associated machine. AEP currently offers a software fix that blocks RDP traffic after the applet loads, but users can still see the resource list. AEP offers the patch on its support site but is currently shipping units without the patch.

The AG-600 does offer an elegant solution for high availability and improved performance. Administrators can cluster two units and then add AG-600 units to increase concurrent-user capacity without requiring a separate load balancer.

Click here to read the next review in this series.
Check out eWEEK.coms Security Center at http://security.eweek.com for security news, views and analysis.
Be sure to add our eWEEK.com security news feed to your RSS newsreader or My Yahoo page:  

Andrew cut his teeth as a systems administrator at the University of California, learning the ins and outs of server migration, Windows desktop management, Unix and Novell administration. After a tour of duty as a team leader for PC Magazine's Labs, Andrew turned to system integration - providing network, server, and desktop consulting services for small businesses throughout the Bay Area. With eWEEK Labs since 2003, Andrew concentrates on wireless networking technologies while moonlighting with Microsoft Windows, mobile devices and management, and unified communications. He produces product reviews, technology analysis and opinion pieces for eWEEK.com, eWEEK magazine, and the Labs' Release Notes blog. Follow Andrew on Twitter at andrewrgarcia, or reach him by email at agarcia@eweek.com.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel