Secure Sockets Layer virtual private networks are commonly used when easy access to corporate applications is required to be offered to partners, remote employees, and other people and businesses that aren't necessarily trusted enough to be granted access to your corporate networks.
SSL VPN systems are commonly used in larger environments, such as large corporations, universities, libraries and companies where extranets have been deployed and are heavily used.
However, there are limitations to the way SSL VPNs are deployed now. For examples, they're not always intelligent, they're difficult to configure on users' machines, and they're hard to deploy on an application-specific basis. The market has been ready to see a product that takes the concept and convenience (when configured properly) of an SSL VPN and marries it with the smarts and additional security of a packet-inspection type of product.
Hence, I was pleased when Microsoft and Celestix Networks arranged to send me a review unit of the Celestix WSA4000 SSL VPN Appliance. In this review, I'll take a look at the installation and configuration of the device and survey its major features and capabilities, its salient value points and a couple of downsides. Read on to discover more about the Intelligent Application Gateway (IAG) and the Celestix appliance.
This is a reasonably well-equipped machine with the following configuration:
- A 1U rack-mountable case (1U is 1.75 in. high.)
- A Pentium D Dual Core processor, with 1 MB of cache for each core
- 2 GB DD2 RAM
- A dedicated, onboard hardware SSL accelerator
- An 80 GB hard disk
- Six Gigabit Ethernet ports
This unit is essentially the midrange offering from Celestix. The company offers the lesser-powered WSA3000 model, which loses some front-side bus speed and a dedicated hardware SSL accelerator, and a more expensive WSA6000 model, which adds another rack unit in size but essentially adds another instance of each component for maximum reliability.
How does the arrangement between IAG and the hardware work? Microsoft supplies the IAG software to several partners, which build hardware appliances around it. The IAG software itself isn't available separately; you acquire it as the software foundation of a hardware appliance, like the Celestix box that's the focus of this review. There are other appliances on the market with the IAG software running on them, but each of those devices has different hardware configurations, features, support offerings and so on.