Nortel's VPN Gateway 3070

Data sheet for Nortel's VPN Gateway 3070 Starting price: $26,000 Overall score: 3.3

Click to see:

Nortel's SSL VPN (out of its Alteon group) may be aimed for sale across enterprise and carrier markets, but based on its performance in our enterprise-focused testing, it fits best into the service provider world. Heavy reliance on Lightweight Directory Access Protocol (LDAP) and RADIUS features (see results of authentication interoperability tests), along with partitioning, virtualization of multiple VPN sites within a single system, extensive SNMP support, large clusters (see results of high-availability tests), and provider-oriented logging and accounting features make this product a great fit for very large deployments. Nortel trumpets a recent customer win at Sabre, exactly the kind of project in which this product would shine.

However, the Nortel implementation won't be quite as welcome in any smaller deployment. Enterprise users will find the Web-based management interface clumsy and awkward, and likely fall back to the command-line interface - as most of the Nortel development team appears to have done as evidenced in our testing (see results of manageability testing).

More importantly, some features are only fully baked in the carrier environment. For example, cached user passwords are available only in LDAP-based deployments with write-access to the directory. That's not going to be very palatable to your average Active Directory administrator, although a service provider would find that a superior approach. At the same time, Nortel has jammed some of its Contivity IPSec VPN features, such as TunnelGuard, into the SSL VPN Gateway, seemingly without thinking too hard about the differences between how you build things for the world of SSL VPN remote access as compared with the IPSec realm.

< Previous summary: Nokia | Next summary: SonicWall >