Groundbreaking test evaluates 11 products on the basis of interoperability, security, policy and high availability.
Since we tested this class of products nearly two years ago, vendors have packed them with application support, security options and end-user presentation glitter. The upshot is that comparing SSL VPN devices side by side uncovers more differences than similarities.
If you don't like IPSec VPNs, then you'll love SSL VPNs. That's the pitch from vendors pushing SSL VPNs as the alternative for secure remote access, as a platform for extranet deployment and even as an internal security tool for corporate LANs.
Since we tested this class of products nearly two years ago, vendors have packed them chock full of application support, security options and end-user presentation glitter. The upshot is that comparing SSL VPN devices side by side uncovers more differences than similarities.
The 11 products we tested in seven critical areas of operation were: AEP Networks' Netilla Security Platform, Array Networks' SPX-5000, Aventail's EX-1500, Caymas Systems' Caymas 525, Check Point's Connectra, F5 Networks' FirePass 4100, Fortinet's Fortigate-3600, Juniper Networks' Secure Access 6000, Nokia's Secure Access System 500s, Nortel's VPN Gateway 3070 and SonicWall's SSL-VPN 2000.
The seven critical areas were (see How we did it):
- Application interoperability - we tested each product's ability to run with 16 distinct applications in nine operating system and browser configurations.
End-point security support - we tested the efficacy of wares designed to collect information about the machines trying to get on the network, and what you can do with that information.
Fine-grained access control - we examined how much control you get - and don't get - with each product.
High availability - we tested the features of each product that let you build bigger and more reliable SSL VPN services.
Manageability - we evaluated how easy it is to manage each device, and which management systems work best.
Authentication - we tested six authentication systems, ranging from digital certificates to two-factor authentication, to see how compatible and flexible each product is.
As in our last test, Juniper steps to the front of the line with a massive set of enterprise features. In every category, including end-point security, detailed access control and interoperability testing, Juniper leads the pack.
Although Juniper did well across the board, we found that the competition is stiff in every category. We saw great results from Aventail in its manageability and high-availability efforts, from Check Point in the area of threat mitigation, from F5 in portal presentation and authentication interoperability, and from Nokia in interoperability and high availability measures.
We were pleasantly surprised by the high scores from AEP, especially in interoperability, and Caymas, in the area of fine-grained access control. These two vendors had not been riding high on our radar screens before this test.
Joel is a senior partner at Opus One, a consulting firm, in Tucson, Ariz. He can be reached at Joel.Snyder@opus1.com.
Snyder is also a member of the Network World Lab Alliance, a cooperative of the premier reviewers in the network industry, each bringing to bear years of practical experience on every review. For more Lab Alliance information, including what it takes to become a member, go to www.networkworld.com/alliance.
Learn more about this topicSonicWall buys boost security, storage
11/28/05Juniper extends SSL VPN wares
08/15/05Management features key to SSL VPN pack
Wi-Fi is great when it works right – and when it’s secure. Although setting up Wi-Fi can seem...
IBM Hong Kong this morning issued an un-IBM-like press release in response to a report by Robert...
Buyers of the earthly explanation for whatever fell from the sky in Roswell, N.M. back in 1947 are...
Sponsored by AT&T
Sponsored by Brocade
Making use of once widely questioned acquisition, Cisco is expanding the role of Meraki in its...
Windows 10 may still be in beta, but it already has some fun and handy, hidden new features worth...
Three risks and three remedies to help ensure this doesn't happen to you
Not so long ago, the open source model was the rebellious kid on the block, viewed with suspicion by...