SSL VPNs Provide Granular Access

Review: Aventail's EX-2500 and F5 Networks' FirePass 4100 appliances work well at securing access at the app level.

SSL VPNs make network remote access convenient for users and IT staff while reducing the deployment complexities often associated with more-established IP Security VPN products.

eWEEK Labs recently tested two Secure Sockets Layer VPN appliances—Aventails EX-2500 and F5 Networks FirePass 4100. Our tests show that these appliances are, indeed, easier to set up than their IPSec cousins.

/zimages/2/28571.gifThe business climate is ripe for the current SSL VPN technologys capabilities. Click here to read more.

However, among the most compelling reasons to consider using an SSL VPN is the ease of securing access at the application layer, rather than at the network layer, as IPSec VPNs do.

While this meant a little more configuration time during our tests—in terms of setting up resources such as file shares, Web-based applications and client/server applications so they would be available when users accessed the network—there is no doubt that our network security was more tightly controlled as a result.

Our tests of the SSL VPN appliances showed a distinct reliance on agents that were either downloaded or even preinstalled on end-user systems.

However, the SSL VPNs centralized policy tools made it much easier than with IPSec VPNs to repair these clients, to make centralized changes to the way that groups of users accessed resources and to prevent users from unauthorized data access.

IT managers will see increasing choices in SSL VPN-based technology in the near future, with more focus on endpoint checking to ensure that only secure, correctly configured devices gain access to the network.

/zimages/2/28571.gifClick here to read a review of FirePass 4100.

/zimages/2/28571.gifClick here to read a review of Aventail EX-2500.

Technical Director Cameron Sturdevant can be reached at

/zimages/2/28571.gifCheck out eWEEK.coms for the latest news, views and analysis on servers, switches and networking protocols for the enterprise and small businesses.