It’s taken a while, but a growing number of networking vendors are waking up to the fact that small businesses can also reap the benefits of SSL-VPNs. Appliance-based solutions have traditionally been targeted at enterprises with price tags to match, but Linksys’ diminutive RVL-200 looks too good to be true at under $250.
Billion’s well-featured BiGuard S10 costs more than $750 and Netgear’s diminutive SSL312 can be had for just less than $500, so how has Linksys managed this remarkable feat? The RVL-200 features a quartet of Fast Ethernet LAN ports, and the single RJ-45 WAN port requires a cable or DSL modem to be attached for internet access. It takes the same tack as the BiGuard S10, as it incorporates a NAT/SPI firewall that means it can front a business internet connection. Netgear’s SSL312 is designed to sit behind an existing firewall, which will need to be configured with appropriate port-forwarding rules to allow external users to access it.
Installation is easy, as the intuitive web interface provides a wizard for internet access, and the appliance supports PPPoE and dynamic IP addressing, or you can provide static address details. For testing, we used the same procedures as for Billion and Netgear, by giving the WAN port a static IP address, placing a few test clients on this side and putting the appliance in between them and our LAN resources. QoS is available where you provide details of the upstream and downstream bandwidth, pick services from the drop-down list or define your own and decide on a minimum and maximum rate in Kb/sec for both directions. Alternatively, instead of rate control, you can assign high or low priorities to selected services.
So far, the RVL-200 is looking good, but it isn’t until you get to the remote access options that it becomes clear why this appliance costs so little. For IPSec VPNs, it only supports a single tunnel specifically for connecting to another remote office. Click on the SSL-VPN tab and you’ll find there’s nothing to do except add new users and set up an IP address range for incoming remote clients. For the former, the appliance offers a local user database or it can integrate with AD, LDAP, NT domains and RADIUS servers.
Whereas Billion and Netgear offer network and transport extenders plus a Network Places option, the RVL-200 only provides the network extender. Essentially, this creates a secure encrypted tunnel to all IP-based resources on the LAN. Remote clients point their browser at the appliance’s WAN address, which presents them with a login portal. It then loads an ActiveX control which, incidentally, is the same as used by Billion. This creates the tunnel using an IP address from the appliance’s pool. Once the browser is closed, a cache cleaner comes in and clears out the history and cache on the client system. Furthermore, to use SSL-VPNs, remote management must be activated and the appliance only supports five concurrent tunnels.
During testing, we found the RVL-200 easy to use. But if you want more control over the LAN resources your mobile clients can access over SSL-VPNs, look to Billion and Netgear.
This Review appeared in the March, 2007 issue of PC & Tech Authority Magazine
Source: Copyright © PC Pro, Dennis Publishing
Browse this Review: