We were interested to see how the AEP Netilla Security Platform would shape up, following this year's merger of AEP and Netilla.
The system is a 1U rack-mount appliance, supporting failover between pairs of devices. Like all the products on test, it is configured through a web interface.
The interface is a bit clunky. Setting up an SSL VPN involves a lot of steps, and more feedback on the order of events would be useful, or even a full wizard-driven interface for common tasks. But the process is well-documented, so it was easy to get started.
We created groups of users ("V-Realms"), each of which can support different forms of authentication, and users can belong to multiple realms to allow different authentication depending on, for example, where they log in.
Chained authentication is easy to configure via multiple-stage authentication, including an endpoint check using Sygate's endpoint client software.
Authentication includes Radius, SecurID, LDAP and Kerberos as well as internal users and groups, although we could find no way to import an existing list of users.
Next, applications and host servers are set up. AEP supports thin-client apps on Microsoft, Unix and character terminals via Java-based proxy software. Single applications configured across multiple servers allows for load balancing. Then applications are associated with V-Realms to allow access (or to forcibly start the service when a user connects).
Web applications are just as easy to configure via full reverse proxy or just port forwarding, though you must create additional access policies for each web server.
Users logging in via a browser come to a "web-top": a simple page with icons for all allowed applications, links to mapped network drives (operating via a nifty java browser) and to launch SSL tunnel services, all of which worked just the way we wanted them to. You can configure the look and feel of the user interface to suit your organization, too.
Overall, the AEP is not packed with bells and whistles, but delivers all the services it should with a full range of extremely well documented admin facilities.