Aventail Corp.s latest release of Anywhere Secure Access Policy software gives a boost to the companys EX-1500 SSL VPN appliance, providing markedly better client security checks and streamlined policy management workflow than previous ASAP versions.
Click here to read the full review of the EX-1500.
2
Aventail Corp.s latest release of Anywhere Secure Access Policy software gives a boost to the companys EX-1500 SSL VPN appliance, providing markedly better client security checks and streamlined policy management workflow than previous ASAP versions.
The changes in ASAP Version 7.1 make the EX-1500 an excellent overall solution. However, Aventails myriad licensing options can escalate costs quickly.
eWEEK Labs tested the EX-1500 with Version 7.1 of the ASAP software, which started shipping last month. The base price for the EX-1500 appliance with ASAP 7.1 starts at $9,495, but that price includes only Web and file application access for 25 concurrent users. The price escalates to $21,495 for 100 concurrent users, and access for other TCP or UDP (User Datagram Protocol)-based applications via Aventail OnDemand and Aventail Connect costs an additional $10,000 for 100 users.
The price of the configuration we tested totaled $31,495 for a single unit (or $44,395 for a redundant pair), making this Aventail solution pricier than competing offerings from Juniper Networks Inc. and Symantec Corp.
To ensure remote clients are free of worms, keystroke loggers and spyware, ASAP 7.1 uses Zone Labs Inc.s Integrity Clientless Security or WholeSecurity Inc.s Confidence Online. These ActiveX components must be purchased separately and uploaded to the Aventail appliance.
Aventail provides data protection features via Aventail Cache Control, which removes session traces (browser cache, cookies and history) after users disconnect, similar to features offered in F5 Networks Inc.s FirePass. Administrators can also purchase Sygate Inc.s On-Demand for this capability.
Unlike other SSL VPN vendors, Aventail offers only one model of the EX-1500, relying on its clustering capabilities to provide scalability.
The EX-1500s base price includes SSL-protected access to Web applications and Web-enabled file shares via users ASAP Workplace interface. This process worked equally well to gain access to intranet Web servers, Outlook Web Access and Microsoft Corp. file shares from a wide variety of remote client platforms—Mozilla 1.6 and Internet Explorer 6 browsers on Windows clients, Mozilla 1.6 on Linux and Safari 1.2.1 on Mac OS.
Aventail OnDemand provides access to TCP-based applications via an in-line Java component. The OnDemand component doesnt require user knowledge of loopback addresses, as long as a user has local administrative permissions. Wed like to see this capability added to the base licensing cost of the EX-1500.
Administrators can deploy the Aventail Connect client application to access TCP or UDP-based services. The client worked well in tests, but deploying a full client reduces much of the appeal of SSL VPNs in the first place, and only Windows clients will be able to access UDP applications.
Creating access policies in the ASAP Management Console was already an intuitive process, but ASAP Version 7.1 includes several features that make the EX-1500 even easier to use.
The new LDAP and Active Directory search capabilities significantly ease the process of defining groups and users in the local database. The tool is much easier to use than the one Symantec provides with its Clientless VPN Gateway solution.
The access policy creation tools include convenient links to add users or resources without having to navigate away from the policy in progress—a feature thats sorely lacking from many competing products.
Technical Analyst Andrew Garcia can be reached at andrew_garcia@ziffdavis.com.
Be sure to add our eWEEK.com developer and Web services news feed to your RSS newsreader or My Yahoo page