Small businesses tired of the complexity of IPsec VPNs can take solace from the fact that a number of networking vendors have seen the light and are now delivering very affordable SSL-VPN appliances. Less than a year ago, these security products commanded top dollar prices and targeted large businesses with deep pockets but Linksys’ compact RVL-200 aims to deliver an SSL-VPN solution at a remarkably low price.
IPsec VPNs undoubtedly offer a very secure means of creating encrypted tunnels with remote sites and enabling mobile workers to access the main network. However, for the latter they are nothing less than tedious to set up and configure, making them a very poor choice for small businesses with limited on-site IT expertise. A key feature of SSL-VPNs is that the remote worker just needs to have a web browser loaded to create a secure tunnel over HTTPS so there’s no messing around with complex client utilities, hashing algorithms and lengthy encryption keys.
We’ve already been impressed with Billion’s BiGuard S10 and Netgear’s SSL-312, which both offer an impressive range of features but cost substantially more than the RVL-200. Linksys has managed to pack in a good range of security measures but as you’ll see there are more than a few sacrifices to get the price tag down to double figures. You get a quad of switched Fast Ethernet ports for LAN connections and the single RJ-45 WAN port accepts a suitably equipped cable or ADSL modem. As with Billion’s BiGuard, the RVL-200 incorporates a NAT/SPI firewall so can act as a secure gateway for Internet access – Netgear’s SSL312 doesn’t offer these features and is designed to work alongside an existing firewall.
The web interface is very easy to use and a wizard gets Internet access up and running. From here you select PPPoE, PPTP or dynamic IP addressing or apply a static address to the WAN port. The System Summary page provides plenty of operational information and a large graphic of the appliance shows which ports are active. Beneath this you have details on the LAN and WAN IP addresses plus firewall and intrusion detection status.
A quick glance further down shows why the price tag is so low - the appliance only supports a maximum of five SSL-VPN tunnels. Billion’s S10 supports ten SSL-VPNs, while Netgear can handle up to 25 tunnels. Furthermore, you can only create a single IPsec VPN tunnel with another router for secure site-to-site communications.