I have been interested in SSL VPNs for some time, and the most recent article is a comparative review published in TechTarget's Information Security magazine's September 2006 issue. The review was conducted at a special lab on the Stanford University campus in June and examined products from Cisco, Checkpoint, Aventail, F5, and Juniper.
You'll
notice that all of the comparative reviews recently omit Symantec and Cisco --
they don't seem to find the "right" time to get their products in
front of the hands-on reviewers at the leading IT publications. Nevertheless,
you can find links below along with the vendor's own sites and my own brief
commentary on their positioning.
This
page was last updated September 6, 2006. If you have additions or corrections, please
send me an email.
Infoworld:
Not a
very satisfying review of six products was done in Feb 2005 by Keith Schultz
http://archive.infoworld.com/reports/06SRsslvpn.html
Network World:
Joel Snyder's
review in December 2005 of 11 products with Juniper coming out on top:
http://www.networkworld.com/reviews/2005/121905-ssl-test-intro.html?t5&story=121905-ssl-test-intro
John Girard's
December 2005 report http://mediaproducts.gartner.com/reprints/juniper/article2/article2.html
SC
Magazine:
Over a
dozen products tested by Rene Millman and others in October 2005
Secure
Enterprise/Network Computing:
A
comparison of nine products done in August 2005 by Joanne VanAuken
http://www.secureenterprisemag.com/products/showArticle.jhtml?articleID=166400994
Breakaway
Security Group:
Not a
very critical site, but a good compendium of information and a nice page of
links to vendor-sponsored white papers
http://sslvpn.breakawaymg.com/index.php
eWeek:
Andy GarciaÕs 2004
test of 4 products:
http://www.eweek.com/article2/0,1895,1585449,00.asp
|
Vendor, link |
Product Line |
Strom's opionion of notable position and features |
Ratings NWW, IW, NWC |
Cost (IW, NWW, NWC) |
|
AccessAnywhere |
Managed services and product versions available |
|
|
|
|
AEP Netilla Security Platform |
New acquisition, strong European presence |
NWW: 3.3/5 IW: 8.0/10 |
NWW:$62,250 IW: $34,300 |
|
|
Array SPX |
SSL acceleration and high-performance focus |
NWW: 2.9/5 IW: 8.5/10 NWC: 3.8/5 |
NWW:$60,000 IW: $25,000 NWC: NA/$60,000 |
|
|
Smart SSL VPN |
Leading supplier to ISP/carriers, specialist in SSL VPNs |
NWW: 3.6/5 IW: 8.4/10 NWC: 4.1/5 |
NWW: $39,000 IW: $28,000 NWC: $21,500/ $53,000 |
|
|
Identity Driven Access Gateway |
Deep inspection access control |
NWW: 3.6/5 NWC: 4.1/5 |
NWW: $45,000 NWC: $10,000/ $45,000 |
|
|
Connectra |
Broad base of complementary technologies |
NWW: 3.3/5 NWC: 3.4/5 |
NWW: $79,000 NWC: $15,000/ $60,000 |
|
|
ASA and PIX appliances |
Lagging behind technologically |
|
|
|
|
Access Gateway |
Lacks integration with diverse product lines |
|
|
|
|
FirePass |
SSL acceleration and high-performance focus |
NWW: 4.0/5 IW: 8.8/10 NWC: 4.3/5 |
NWW: $80,000 IW: $25,000 NWC: $28,000/ $70,000 |
|
|
FortiGate |
Part of their security appliance feature set |
NWW: 2.0/5 |
NWW: $30,000 |
|
|
|
SA product line from Neoteris/Netscreen |
Market sales leader, Neoteris line finding further traction too. |
NWW: 4.5/5 IW: 8.9/10 NWC: 4.5/5 |
NWW: $48,000 IW: $34,000 NWC: $7,000/ $59,000 |
|
SSL VPN |
Sales dropping, lagging behind on features |
NWW: 4.2/5 IW: 7.9/10 |
NWW: $65,000 IW: $28,000 |
|
|
VPN Gateway |
Lagging behind on features |
NWW: 3.3/5 NWC: 4.0/5 |
NWW: $26,000 NWC: $35,000/ $65,000 |
|
|
Base5 |
Lacks portal but impressive features |
NWC: 3.8/5 |
NWC: $10,000/ $50,000 |
|
|
PortWise |
Most complete mobile support |
|
|
|
|
SSL VPN 2000 |
New entry to the field, solid low cost hardware solution |
NWW: 2.5/5 |
NWW: $2,300 |
|
|
Sygate Enterprise Protection and Enterprise Security Appliances |
Integrated intrusion prevention and access control |
|
|
|
|
Intelligent Application Gateway |
Low price point, high applications and email-specific coverage |
NWC: 4.4/5 |
NWC: $27,000/ $72,000 |
Notes:
IW: Infoworld,
cost per 100 users, 0-10 point scale
NWW: Network
World, cost per TK users, 0-5 point scale
NWC: Network
Computing/Secure Enterprise tests on both per 100 and per 1000 users, 0-5 point
scale
© 2006 David Strom Inc.