Content

Aventail EX-1500

Aventail was probably the first company to conceive and market the idea of the clientless SSL VPN. However it has only recently brought out its own hardware appliance that does such a job.

The EX-1500 is based on version six of the company's ASAP (Anywhere Secure Access Policy) VPN platform.

Setting up proved easy - another matter of putting the box in a rack, plugging in a couple of cables to the internal and external parts of the network and some initial configuration via the appliance's serial port. The rest of the setting up is done via a web browser on port 8443.

The start up screen is very much a hand-holding affair, as part of the configuration page is given over to a step-by-step guide to getting the VPN box working within the infrastructure. Here we could change network settings, configure server certificates and define the method of authentication. Again there were no headaches here - just a matter of following the instructions.

Afterwards we were asked to create an access policy, users and groups, and personal links that users and groups will use to access network resources via the browser. All was pretty clear and uncomplicated, although we would have preferred to have the option to tie in users and groups with some kind of directory, such as Active Directory or NDS. We have been told by the company that this facility will appear in the next versions (available from November 1).

When accessing the VPN as a user, there are three different ways of logging onto the network: the clientless approach via the browser, using a Java-based (semi-clientless) access method or a fully-fledged configurable client. Aventail states that there are some circumstances where the use of a client is necessary to access the enterprise-class client/server applications that many users need. Most SSL VPNs only support web and simple server applications, and not these enterprise-class ones.

Setting up a client is a pain at the best of times with IPsec VPNs as they do not always work in the way vendors say they should. It was a different story here, as more hand-holding by the appliance meant that setting up an installer package for the road warrior was dead easy and meant that the ordinary user could download the executable as an email attachment and have it running in seconds.

Overall the product proved to be a good one and secure enough in all forms of access methods and though its well thought-out access policies.

Product title
Aventail EX-1500
Product info
Name: Aventail EX-1500 (VPN group test) Description: Price: from $13,995
Strength
Very easy to install and good choice of access methods.
Weakness
Setting up users and groups could be more integrated.
Verdict
Good VPN box for the medium to large enterprise.

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.