Top SSL VPN Tools

Cisco edges F5 in review of SSL VPN remote access appliances.

VPN

We tested five products that deliver remote SSL VPN connectivity: WatchGuard SSL 560, Barracuda SSL VPN 380, Dell SonicWall EX-7000, F5 Networks BIG-IP Edge Gateway 3900 Platform and Cisco’s ASA 5515-X security appliance. We found each product to be capable, mature and established in the marketplace. Our top pick, the Cisco ASA 5515-X narrowly edged out the competition. The other four products were all runners-up, each with unique features that make them suitable for enterprise deployments. (Story version)

RELATED: Microsoft DirectAccess impresses

Java security questions answered

WatchGuard SSL 560

WatchGuard SSL 560

The WatchGuard SSL 560 is designed for midsized networks, with the capability of handling hundreds, but not thousands, of concurrent users. The WatchGuard SSL 560 had a somewhat dated interface and lacked the ability to dynamically link to external directories, e.g. Active Directory and LDAP. Setup and deployment was a breeze. This is a ‘no fuss’ solution ready to roll right out of the box.

Dell SonicWall EX-7000

Dell SonicWall EX-7000

This is a highly scalable, enterprise grade product capable of handling up to 5,000 concurrent users. The Dell SonicWall EX-7000 boasts excellent endpoint control and logging features. The admin interface is easy to navigate and setting up rules and resources is quick and intuitive.

F5 Networks BIG-IP Edge Gateway 3900

F5 Networks BIG-IP Edge Gateway 3900

The F5 has a lot of firepower and features, but we found configuration to be an arduous task. On the plus side, the F5 appliance has an impressive client interface and excellent reporting capabilities. Did we mention mind-boggling capacity and throughput? Another great feature is the modern looking dashboard. And an acceleration feature allows remote connections 10x faster than without acceleration.

Barracuda SSL VPN 380

Barracuda SSL VPN 380

Barracuda SSL VPN 380 is a mid-range device that proved to be very capable in creating resources and displaying system status. It also offers an efficient web admin interface that streamlines administration tasks. The unit also ships with built-in endpoint controls. Items that can be evaluated include OS and browser versions, anti-virus capability and whether an OS is up to date with all hot fixes (Windows only).

Cisco ASA 5515-X

Cisco ASA 5515-X

The Cisco ASA 5515-X security appliance narrowly edged out the competition. While it didn’t dominate in every category, the Cisco ASA 5515-X won top billing due to its rich feature set, powerful and granular configuration options and overall balance of capacity and features. We would not recommend this appliance to newbies, but accomplished system administrators looking for raw power and the ultimate control over remote connections will definitely want to consider the Cisco ASA 5515-X security appliance.

Microsoft DirectAccess

Microsoft DirectAccess

Microsoft’s DirectAccess is now fully integrated with Windows Server 2012. DirectAccess is designed to connect a VPN-type session automatically as soon as a compatible Windows client is connected to the Internet. Features include a simplified PKI infrastructure, allowing DirectAccess and RRAS to coexist on the same server, plus support for load balancing, multiple domains and DirectAccess servers behind NAT devices. However, DirectAccess works only Windows 7 (Enterprise or Ultimate) and Windows 8 (Enterprise).