| Product |
Secure Access 6000 |
Secure Access System 500s |
FirePass 4100 |
EX-1500 |
| Vendor |
Juniper Networks |
Nokia |
F5 Networks |
Aventail |
| Price as tested |
$48,000 |
$65,000 |
$43,980 |
$39,000 |
| Pros |
Excellent interoperability and great flexibility; clean architecture and implemen-tation throughout; broad client support. |
Fine-grained access control; broad client support; underlying appliance platform offers diverse additional services such as dynamic routing. |
Easy to configure for remote access environ-ments; nice portal configuration tools; broad client support. |
Smooth end-user experience, especially in Windows environment; fully integrated high availability and scalability features. |
| Cons |
Complex management interface.
 |
Poor integration of network extension client with incon-sistent endpoint security and access controls. |
Lack of fine-grained access control. |
Management GUI makes it difficult to control policy; plethora of options can confuse an end user with unpredictable results. |
| Score |
4.5 |
4.2 |
4.0 |
3.6 |
|
| Product |
Caymas 525
|
Netilla Security Platform
|
Connectra
|
VPN Gateway 3070
|
| Vendor |
Caymas Systems |
AEP Networks |
Check Point |
Nortel |
| Price as tested |
$45,000 |
$65,250 |
$79,300 |
$26,000 |
| Pros |
Clean architecture and strong feature set; clearly well put together even with rough spots. |
Thin client solution eases Citrix and Windows Terminal Services, terminal emulator needs; scales down elegantly. |
Great experience for Windows Internet Explorer users; Smart Defense allows for on-gateway security.
|
Great service provider and large deployment model; integration of IPSec and SSL VPN in same chassis. |
| Cons |
Painfully slow GUI; more small bugs than should be shipping with the products at this stage; missing features such as portal customization and management, certificate-based authentication and pre-login endpoint security. |
Restrictive endpoint security implementation. |
Brittle in interoperability tests; no high availability features. |
Clumsy management; endpoint security not appropriate for SSL world. |
| Score |
3.6 |
3.3 |
3.3 |
3.3 |
|
| Product |
Array SPX-5000 |
SSL-VPN 2000 |
Fortigate-3600 |
| Vendor |
Array Networks |
SonicWall |
Fortinet
|
| Price as tested |
$60,000 |
$2,300 |
$30,000 |
| Pros |
Service provider-oriented device fits well with that category of deployment; extensive virtualization features. |
Simple deployment model for SMB environment. |
Easy to handle HA. |
| Cons |
Clumsy to use; coarse security granularity. |
First version lacks enterprise features such as multiple user groups, SecurID support, port forwarding, fine-grained access controls and SNMP links; above-average bug count. |
Poor overall design; massive amount of bugs. |
| Score |
2.9 |
2.5 |
2.0 |
|
 |
| The breakdown |
Juniper
|
Nokia
|
F5
|
Aventail
|
Caymas
|
Check Point
|
Nortel
|
AEP
|
Array
|
SonicWall
|
Fortinet
|
| Access control 20% |
4.5 |
4 |
3 |
3.5 |
4 |
3.5 |
3 |
3.5 |
3 |
2.5 |
2 |
| Interoperability 20% |
4.5 |
4.5 |
3.5 |
3.5 |
3.5 |
3.5 |
3.5 |
4 |
3 |
2 |
1 |
| Manageability 15% |
4.5 |
4 |
4.5 |
4 |
4 |
3 |
3 |
3 |
3 |
3 |
3 |
| Portal and virtualization 15% |
5 |
4 |
5 |
3 |
3 |
3 |
4.5 |
3 |
3 |
4 |
2 |
| High availability 10% |
4.5 |
4.5 |
4.5 |
4.5 |
4 |
2 |
3 |
3 |
3 |
2 |
3.5 |
| Authentication 10% |
5 |
5 |
5 |
3.5 |
3 |
4 |
4 |
3.5 |
3 |
1.5 |
1 |
| Endpoint security 10% |
3 |
3 |
3.5 |
3 |
3 |
3.5 |
2 |
2.5 |
2 |
2 |
2 |
| TOTAL SCORE |
4.5 |
4.2 |
4.0 |
3.6 |
3.6 |
3.3 |
3.3 |
3.3 |
2.9 |
2.5 |
2.0 |
| Scoring Key: 5: Exceptional; 4: Very good; 3: Average; 2: Below average; 1: Subpar or not available |
|
|
|
