Aventail recently updated its ASAP (Anywhere Secure Access Policy) software, and it provides a number of improvements. The most noticeable changes are improved certificate management and static route configuration.

The system integrates with external authentication services, such as Active Directory Services, in a seamless manner, and there are facilities to check that the configured security options actually work before too much effort is expended in setting up resource allocations and user privileges. The configuration procedures work well and are clearly laid out, so that changing the device configuration, adding new users and groups and adjusting resources is straightforward. Changes are not applied immediately, but must be committed before they become effective. The system displays a discreet reminder to this effect when changes are pending. Outstanding changes can be cancelled before application.

This process tends to take a little time, and we found that setting the device up to provide services for users was a long, drawn-out affair. The Quick Start feature guides the administrator through the initial set-up process, and the system worked with our test browsers and clients with no problems. However, we did have to enable pop-up windows in them to allow the OnDemand feature to work.

Aventail offers several client access modes, ranging from simple, but secure, access to web applications through to the full Secure Desktop mode. Further security is provided by a cache control feature that removes all traces of any browser activity when the connection terminates. The OnDemand feature provides access to Lotus Notes, Outlook and thin-client applications on a variety of platforms. For those who need the full VPN experience there is Aventail Connect, a downloadable Windows client that integrates secure access with the client.