WatchGuard SSL 100 review
WatchGuard offers an affordable and secure SSL VPN solution to SMBs, with numerous authentication methods
Review Date: 19 Nov 2009
Reviewed By: Dave Mitchell
Price when reviewed: £1,375 (£1,581 inc VAT)
Features & Design
Value for Money
Despite being a network security specialist, WatchGuard hasn't focused heavily on SSL VPNs. Its latest SSL 100 appliances signal its intent with a range of authentication methods that rival more costly enterprise-level solutions.
Prices start with a 25-user licence that can be upgraded in packs up to the maximum 100 users. This 1U appliance is deployed in a DMZ where you configure your firewall to route remote user requests through to it.
For installation we opted for the single arm mode which only uses one of the two available Ethernet ports. You can use the second port to provide remote access from two separate DMZs. At this stage we'd recommend taking time out to understand how all the authentication methods work as the appliance supports no fewer than 16.
WatchGuard offers five methods starting with browser authentication using PINs or passwords. You have SSL challenge and response, which uses tokens to generate passwords, and Mobile Text, which sends OTPs (one time passwords) via SMS to users after they provide their details at the web portal.
There are 11 other methods available, including AD, LDAP, Novell's eDirectory and form-based authentication. Users can be added manually, but we opted to import test users from our AD server as this allowed us to include account details such as AD passwords and mobile numbers.
Two types of network resources can be defined and those accessed using a browser are classed as web resources. These can require a separate application to access them and would include RDP and third party apps. To help with setup, WatchGuard provides templates of partially configured standard resources.
We defined resources for OWA, RDP, Windows file shares and our SBS workplace to test WatchGuard's authentication methods and were impressed with the tight security. The SSL challenge requires the Mobile ID client installed on the user's laptop or a Java-enabled mobile phone. Users enter their credentials at the portal and are challenged with a number sequence.
Using the Mobile ID client they enter their unique PIN followed by the number sequence, which generates an OTP to enter into the portal. The Mobile ID client keypad is a smart feature that randomly jumbles its numbers to confound keyloggers. The Web SSL method also fools keyloggers as it requires passwords to contain at least two numbers that must be entered using the portal keypad.
The appliance offers end point assessment where it scans client systems looking for specific files, Registry entries and required software. The Abolishment feature clears browser caches and downloaded files. And you can even use SSO.
The SSL 100 delivers some of the toughest security for remote workers at a price SMBs can afford. The range of authentication methods is unbeatable at this price, allowing remote access to network resources to be strictly controlled.
Author: Dave Mitchell
- Dell profits slide 79% amid buyout talks
- Forget cloud subscriptions: users prefer standard licences
- McAfee: cloud storage could help spread viruses
- Analysts question Windows 8 as UK PC shipments slump
- Google pools storage across Gmail and Drive
- Ofcom accused of killing off VoIP competition
- ShoreTel dock turns iPhones and iPads into desk phones
- Bill Gates says iPad users "frustrated"
- Intel Silvermont promises three-fold boost for tablets
- Customers fume as BT introduces IP sharing
- Hands on with the new Google Maps
- Nokia Lumia 925 review: first look
- Why I won't subscribe to Creative Cloud
- GoPro camera strapped to a remote-control helicopter: the ultimate boy's toy
- Acer Iconia A1 review: first look
- Acer Aspire P3 review: first look
- Acer Aspire R7 review: first look
- How we produce the PC Pro podcast
- Google Now draining iPhone battery
- The government website that doesn't work with IE, Chrome, Firefox, Safari, Macs or smartphones
- How to get a job in cloud computing
- Are today's tech start-ups simply get-rich-quick schemes?
- Choosing the right tablet for business
- Best free antivirus for 2013
- The best business broadband: how to choose the right package
- Choosing your web hosting package: space, bandwidth, service-level agreements and email handling
- Windows Server 2012 features in-depth
- How to protect your business against spear phishing
- How to install virtual servers with Hyper-V
- Implementing virtualisation through Hyper-V
- How to boost your mobile reception
- How to fix Facebook: Social Fixer
- Taking the stress out of WordPress updates
- Where to download free web fonts
- Turn your tablet into a Sky+ remote control
- How to measure the success of a new IT system
- Three years on: the state of the tablet market
- Windows 8: what works and what doesn't
- Yes, I write down my passwords
- How to make money from apps
There are dozens of exciting prizes up for grabs on PC Pro Competitions. All our competitions are free to enter. Try your luck.ENTER NOW