• United States
Director, Network World Test Alliance

Best Products: Security infrastructure finalists

Feb 27, 20062 mins
Check PointIntrusion Detection SoftwareNetworking

Back to the Security Infrastructure winner

F5 Networks’ FirePass 4100 and Nokia’s Secure Access System 500s earned finalist spots for their performances in our SSL VPN test. The FirePass got high marks for providing easy, secure remote access to users, Snyder said. The product is a perfect fit for many environments, such as in cases of employee remote access where users are fully or partially trusted, he added. The Nokia SSL VPN impressed Snyder with its fine-grained access control. “If you’re a security and control freak, Nokia’s strategy should hit your comfort level,” Snyder wrote. The SSL VPN should be especially interesting to enterprises that have settled on Nokia firewalls, with commonality to configuration and ongoing management parameters. Unlike most SSL VPN vendors, Nokia offers a heavy suite of services on the underlying appliance, such as IPSec, clustering and dynamic routing.

Check Point’s VPN-1 Edge W touts wireless access support, better performance and a new print server. Ties to Check Point’s wider VPN product line also was a plus for this product. We tested VPN-1 Edge W with a Check Point NG firewall and were able to bring up a tunnel within a few seconds. An elegant feature of Check Point’s overall VPN architecture is the dynamic pushing of network configuration, meaning that the Edge W doesn’t have to be configured to know anything about the central VPN server besides its IP address and how to authenticate.

SonicWall’s Pro 1260 Enhanced earned finalist status for appropriately combining the brains of SonicWall’s popular TZ-series firewalls with the body of a 25-port managed 10/100Mbps switch, Snyder said. Snyder also liked the revamped SonicOS software, which lets each firewall port be configured with its own security zone. You can set up an individual firewall for every system in a demilitarized zone, preserving the DMZ zone even if any one system sitting behind the firewall is cracked.

Previous story: Juniper’s Secure Access SSL VPN appliance

Next story: Symantec’s DeepSight Alert Services >