SonicWALL SSL-VPN 2000 review
Don't waste time with IPsec VPNs when you have an SSL-VPN appliance that's much easier to use and more versatile.
Review Date: 19 Sep 2007
Reviewed By: Dave Mitchell
Price when reviewed: exc VAT
SSL-VPNs offer a compelling solution for providing secure remote access to network resources, and are easier to implement and manage than traditional IPsec VPNs - mobile workers just require a standard web browser as opposed to complex client utilities.
SonicWALL moves into this market with three appliances. The SSL-VPN 2000 on review is aimed at businesses with up to 500 employees. It offers a reasonably powerful hardware package but, although there are no user limitations, SonicWALL recommends it handles no more than 50 concurrent connections. Unlike Billion's BiGuard S10 (web ID: 100213), it doesn't offer any firewalling capabilities, designed to sit behind an existing firewall and control access to services placed in a DMZ or a separate subnet on the LAN. It offers four Fast Ethernet ports, but only the first can terminate SSL-VPN sessions. Consequently, its management interface can only be accessed from a system connected to this port.
For testing, we placed some XP systems on the first port to act as remote clients and connected the second port to our LAN where our application servers resided. The web interface is easy to use. You start by defining addresses for each port, default routes to the remote networks and, if required, static routes as well. For user authentication, you can use the internal database, but, as with other SSL-VPN appliances, there's also support for NT domain, AD, RADIUS and LDAP authentication.
You define what services you want to make available by creating network objects. Each can define all services, or you can choose from HTTP, HTTPS, RDP, VNC, FTP and file shares. A new feature is the Citrix portal, which replaces the ICA client with a Java app that's downloaded on demand. Single IP addresses or IP networks are assigned to each object and you can have multiple entries for each one. Policies fine-tune access to network resources and act at the global, group and user levels.
When a user authenticates to the appliance, they're presented with SonicWALL's customisable Virtual Office portal, which provides access to the NetExtender client utility, file sharing and any bookmarks their policy allows them to see. NetExtender transparently pushes an ActiveX thin client to their system to create an encrypted tunnel over PPP, and during this process they get an IP address from the pool associated with their policy.
During testing, we had no problems with the appliance, and were able to create and remotely access services on our LAN including FTP, remote desktop, file sharing and web servers. Bookmarks are a useful aid for users, as these are placed on their personnel portal for quick access to remote services, and we could create ones with a file path that linked only to specific applications.
SonicWALL shows precisely why SSL-VPNs are the best bet for providing secure remote access to mobile workers. The SSL-VPN 2000 is simple to deploy, doesn't cost a fortune and offers a very good range of functions for the price.
Author: Dave Mitchell
- Child abuse showdown "hijacked by ignorant MPs"
- Government wheedles more funding for online child protection from ISPs
- AMD’s "Seattle" ARM chips set for 2014 release
- Microsoft offloads cheap Surface RT tablets to schools
- Outlook.com to ditch linked accounts over security fears
- Adobe’s subscription-only Creative Cloud goes live
- Skype rolls out free video voicemail
- Spotify confirms UK outage
- Google builds system to identify child abuse images
- Google balloons beam broadband to remote areas
- Huawei Ascend P6 review: first look
- Adobe Illustrator CC review: first look
- Let MPs tell us what they really want ISPs to block
- Adobe Photoshop CC review: first look
- WWDC 2013 and iOS 7 launch: live blog
- Sony VAIO Pro review: first look
- Want child porn blocked? Meet the IWF
- Is it worth upgrading a media centre to Windows 8?
- Flickr redesign: is it enough to tempt photographers back?
- Hands on with the new Google Maps
- Manage a mailing list with MailChimp
- Best Linux distros for 2013
- 36 best Android apps
- How to track a stolen phone, laptop or tablet
- The man who teaches the world to Google
- 38 best iPad apps
- Moving PC made easy
- 35 best web apps
- Software subscriptions return us to a life of servitude
- Dropbox: everything you need to know
- Facebook "click on the photo" scams: how they work
- Three alternatives to Word's spelling and grammar checker
- Google two-step verification: a must for business email
- Microsoft Office and the death of upgrades
- The ICO's shame-faced u-turn on cookies
- Start8 and ModernMix: making Windows 8 work on a desktop
- How to boost your mobile reception
- How to fix Facebook: Social Fixer
- Taking the stress out of WordPress updates
- Where to download free web fonts
There are dozens of exciting prizes up for grabs on PC Pro Competitions. All our competitions are free to enter. Try your luck.ENTER NOW