Content

Base5

Permeo’s Base5 is a RedHat-based solution that turns a standard server into an SSL VPN. Obviously, this means you need to supply your own server, and you will need to check the hardware support – our first attempt to install the software crashed anaconda (RedHat’s installer) in its usual ugly way.

Take two, on a different system, installed fine. The install appears to be fairly standard RedHat Linux, with most services removed and only SSL and SOCKS services open. But no packet filtering, so we wonder if the software might be open to ICMP DoS attacks.

The admin interface is very clean, and uses a bottom bar with green and red lights to indicate the status of various services. To get started, you create an initial user and group, and a server with an access rule and default set of applications. We would have liked this to be less rigid: some users might prefer to set up all the user configurations first, for example.

The software works differently from other SSL VPNs. It uses SOCKS for proxy forwarding, by assigning a second IP address (even if you only have one interface), which listens on the HTTPS port of 443, rather than the normal 1080. Support for web applications and port forwarding is all there, and handled everything we wanted it to, although the options are somewhat basic.

At the user end, Permeo offers a browser portal like most other products, but prefers to run the Base5 Connector agent on users’ systems when they connect (so it is not, in fact, client-less at all).

The connector handles access to resources, but puts shortcuts in a system tray icon/menu and closes the browser window from which the connector was launched. Come IE7, with multiple tabs, that may mean users lose an entire set of browsed pages.

And when you disconnect, the connector forcibly closes all your running applications without warning. Maybe your users would get used to it, but don’t bet on it.

Despite being a Linux-based product, the front-end is very Windows-centric: all the endpoint items like the connector and the software checks only work on Windows. We liked the ability to check for a specific MD5 hash of an application, rather than just the EXE name, but did wonder if that would cause problems when a patch changes IE’s checksum.

Overall the Permeo solution is an interesting take on SSL remote access, and is priced attractively.

Product title
Base5
Product info
Name: Base5 Description: Price: from $50 per seat
Strength
Low cost and easy to configure.
Weakness
Connector agent might cause problems.
Verdict
Covers most of the bases, but may fall short for more demanding users.

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.