OvisGate SSL VPN
It is easy to set up and configure and the user interface is largely intuitive.
Documentation is unexceptional.
A simple system suitable for companies looking for inexpensive VPN facilities.
The OvisGate SSL VPN software can be installed on suitable Windows machines to provide SSL VPN connections to many types of client/server systems.
There is a facility to check the serviceability of the installation before configuration, while administration is carried out using a web browser, which gives access to a number of tabbed panes for system configuration. No online help is available, although the OvisGate documentation installed with the software is in HTML and can be read in another browser window, so it is possible to have this available while configuring the system.
The documentation is sufficient, but not comprehensive. It provides examples of the various configuration screens, but no examples of possible deployment scenarios. But the administration interface is easy to use and gave us few problems in practice. We had a working VPN running in minutes and were able to access websites and Terminal Services from clients.
It is possible to restrict administration access to specific ranges of IP addresses while denying it to others, which enables the system to be administered remotely while retaining tight security. A similar facility is available to restrict user IP addresses to certain ranges, providing further security. It is possible to set a maximum file size limit for file uploads, although it applies to all users and cannot be tailored to individual requirements.
Users access the VPN by pointing a Java-enabled web browser at the OvisGate system. Once logged on, a web page shows the services available. All users will see the same web page, giving access to web resources and FTP services, terminal services and network resources.
Another user login screen controls access to networked resources. Each networked machine is still subject to the Windows security system, so users must have access rights to networked resources on individual machines to be able to use them. This allows some resources to be restricted to specific users, while allowing others to be generally available.