F5 Fires Up Powerful SSL VPN Solution
APPTECH, A SOLUTION PROVIDER BASED IN TACOMA, WASH., HAS SPECIALIZED IN NETWORK AND SOFTWARE SERVICES SINCE 1988. APPTECH IS A MICROSOFT CERTIFIED PARTNER AND A SYMANTEC ENTERPRISE SOLUTION PROVIDER. THIS PRODUCT WAS TESTED AND REVIEWED BY APPTECH CEO DARREL BOWMAN; DEBI BLOCK, CERTIFIED IN SECURITY+ AND NSA; AND JOHN GREER, CCNA, CCAI.
The FirePass 4100 appliance from F5 Networks is an impressive and powerful SSL VPN solution. It supports clustering environments up to 10 nodes, allowing up to 20,000 concurrent users—1,000 concurrent users per node—and secure Web-based remote access to corporate applications and desktops.
The FirePass 4100 includes four 10/100/1000 copper Ethernet ports and three PCI slots for optional SSL acceleration as well as an 80-Gbyte hard drive. It's Federal Information Processing Standards (FIPS) 140-compliant, an important selling point for solution providers serving the health-care, government and military verticals.
The FirePass 4100 is an enterprise-class appliance engineered to provide remote access as well as create SSL VPNs with greater ease and manageability than any products previously available. The controller is compatible with any operating system supporting SSL and can perform load-balancing for all connected machines. The appliance supports secure access from PDAs, cell phones, WAP and iMode phones connected to e-mail and other applications.
To evaluate the appliance, we used a test network running Windows Server 2003 Active Directory and using Cisco and AdTran access routers and switches at Clover Park Technical College, Lakewood, Wash. The routers were delivering to network hosts running Windows 2000 Professional.
The FirePass 4100's advertised half-hour installation time is accurate. However, the time frame required for deployment will vary based on the services each customer requires. Each service requires careful attention.
Accessing resources or processes can be managed down to the tiniest detail using the internal Web management interface. The complex and flexible interfaces do take time to configure, however. The realtime Web management interface shows a variety of load factors and other performance metrics. In addition, reports are available via SNMP and syslog. The amount of information available can be customized easily to show as much or as little as needed. We quickly set up the appliance to allow an administrator to use a remote desktop connection from a nontrusted network.
To authenticate, we chose the importation of Active Directory objects as one of the options, which include LDAP, RADIUS, Certificate Authorities and others. The FirePass 4100 performs authentication via a local database, allowing it to fit into a variety of existing installations. Once authenticated, the appliance screens for client parameters as set by the administrator. This offers exceptional quarantine capability, allowing remote users group-assigned access to patches and updates. Network availability is based on a user's group and access rights. The FirePass 4100 can accommodate almost any type of remote user.
F5 offers impressive training options and on-site installation and configuration services. Depending on configuration, there are several support and warranty plans. For large customers that need around-the-clock support, F5 offers 24x7 technical support from live engineers. Online database support is also available. Customers can not only get answers to their questions, but also can receive software updates and information about new version releases. Technical advisories are also available via e-mail. The standard support plan is geared toward customers who have no need for around-the-clock support. This support is offered 8 a.m. to 6 p.m. local time, Monday through Friday. F5 also offers 24-hour RMA or four-hour Rapid RMA.
The FirePass appliance starts at $24,990 for 100 concurrent users. Additional users can be added at extra cost. FIPS SSL accelerator cards for FIPS compliance start at $13,995. The support packages range in price from $2,835 to $4,255 per year. F5's partner program offers four levels: Reseller, Authorized, Premier and Gold Advantage. Premier and Gold Advantage partners must fulfill financial and certification commitments. F5 did not disclose average reseller margins.