Now in version 3.6, the Tsunami VPN appliance sports a simpler management interface and new tools for managing access rules, as well as the ability to send password expiration warnings to remote users who authenticate against NT domains.
Setting up the hardware, i.e. putting up the rack, connecting it to our test network and connecting the serial ports of the appliance for initial configuration, was physically easy. The manual was not really all that clear when it came to specifying how to configure a terminal session. It took a bit of thinking and waiting before the terminal session sprang into life. The run-through of inputting Ethernet ports, DNS entries, etc., was not as clear-cut as other boxes in the test. But we persevered and eventually won out and got the product up and running.
Once again a similar pattern to other boxes on the test manifested itself, with final configurations being made through a web browser. The interface looked friendly and seems, on the face of it, comprehensive. The first screen just showed the CPU processor usage. That was interesting enough, but we really wanted to get on with getting the box working and doing the job of a VPN.
A menu bar runs along the top of the web page showing options such as 'server,' 'users and groups' and 'access profiles.' Down the side were further options that could be selected. Users could be authenticated by an internal database or by another method such as LDAP, Radius and NT Domains. This was easier to set up than others in the Group Test.
What really got us stuck was getting file access working. This was no simple matter and took a lot longer to do than setting up links to internal web server home pages. The manual seemed rather obtuse on the subject and we would have welcomed a clearer guide on how to set this up. SafeWeb has said that normally it would guide customers through the implementation, something not open to them during the review process.
Accessing the box externally as a user was simple enough and the fact that the appliance can authenticate back to the Windows domain meant there was no need to go through a lengthy process of setting up users again.
We felt that this box was good but not outstanding as it is let down by a poor user manual and an interface lacking in intuitiveness.