/>
X
Why you can trust ZDNet ZDNet independently tests and researches products to bring you our best recommendations and advice. When you buy through our links, we may earn a commission. Our process

'ZDNet Recommends': What exactly does it mean?

ZDNet's recommendations are based on many hours of testing, research, and comparison shopping. We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. And we pore over customer reviews to find out what matters to real people who already own and use the products and services we’re assessing.

When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. Neither ZDNet nor the author are compensated for these independent reviews. Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers.

ZDNet's editorial team writes on behalf of you, our reader. Our goal is to deliver the most accurate information and the most knowledgeable advice possible in order to help you make smarter buying decisions on tech gear and a wide array of products and services. Our editors thoroughly review and fact-check every article to ensure that our content meets the highest standards. If we have made an error or published misleading information, we will correct or clarify the article. If you see inaccuracies in our content, please report the mistake via this form.

Close

Aventail EX-750

SSL VPN appliances are pretty commonplace these days and are no longer restricted to the corporate market. Indeed, there are now lots of affordable small-business products, starting at just a few hundred pounds. Compared to entry-level products, Aventail's EX-750 may seem a little expensive — but then it does have a number of features that are not available elsewhere.
alan-stevens.jpg
Written by Alan Stevens on
aventail-ex-750-lead.jpg
8.3/10

Aventail EX-750

Excellent
Pros
  • No client software required
  • Customisable Web portal
  • Up to 25 concurrent remote users
  • Pre- and post-authentication security checks
  • Windows, Mac, Linux and mobile clients
Cons
  • Some endpoint controls limited to Windows and Mac clients only
  • Complex to configure in places

SSL VPN appliances are pretty commonplace these days and are no longer restricted to the corporate market. Indeed, there are now lots of affordable small-business products, starting at just a few hundred pounds. Compared to entry-level products, Aventail's EX-750 may seem a little expensive — but then it does have a number of features that are not available elsewhere.

To begin with, Aventail is one of the longest established of the specialist SSL VPN vendors, having more or less invented the concept — the aim of which is to simplify the deployment and management of remote LAN access. To this end, an SSL VPN appliance uses the Secure Socket Layer (SSL) encryption technology found in desktop Web browsers, such as Internet Explorer and Firefox, to create its VPN tunnels rather than custom VPN client software. And that, in turn, does away with the need to deploy, manage or maintain anything extra at the remote user end.

Another difference is that, although very much a small-business solution, the EX-750 can support up to 25 concurrent users compared to, typically, 5-10 users on most of the cheaper competition. Plus, if you need to handle more, it’s part of a much larger family of SSL appliances able to handle up to 2,000 users at the top end with additional clustering, load balancing and failover features also on offer.

And last but by no means least, the EX-750 provides additional Network Access Control (NAC) features that are usually only found on more expensive enterprise solutions. Most notably, it can enforce pre- and post -authentication software and configuration checks on Windows, Windows Mobile, Apple Mac and Linux clients. These ensure that basic security pre-requisites are met before allowing remote users to connect, and can also be used to clean up after they leave.

Getting started

You can tell that Aventail's product is different right from the start. Most of the really low-cost SSL appliances are tiny ASIC-powered devices, but not the EX-750. It’s built on a 1U rack-mount Linux server powered by a 2.4GHz Intel Pentium 4 processor with 512MB of memory. You also get two 10/100Mbps Ethernet interfaces, enabling the unit to be deployed as a gateway if required, although it’s not mandatory and for our tests we simply plugged the unit into our network using a single port.

Top ZDNet Reviews

Raspberry Pi 4
raspberry-pi-4-model-b-header.jpg

Top ZDNet Reviews

Raspberry Pi 4

9
Motorola Moto G100
motorola-moto-g100-header.jpg

Top ZDNet Reviews

Motorola Moto G100

8
Raspberry Pi 400
raspberry-pi-400-header.jpg

Top ZDNet Reviews

Raspberry Pi 400

8.5
OnePlus Watch
oneplus-watch-3.jpg

Top ZDNet Reviews

OnePlus Watch

5.7

A local console can then be attached and the appliance managed via a command line if that’s your thing. However, most customers will do as we did, and point a Web browser at the Aventail appliance to set up and administer it.

A wizard helps to simplify the initial setup of the Aventail appliance, but then it gets a lot more complicated.

In its favour we found the interface reasonably intuitive and the initial setup, at least, a fairly easy process, with a wizard to take you through the basics. However, by the time you’ve read through the supporting documentation and sorted out the best way to deploy the EX-750 you may find that you’ve spent the best part of a day getting it working. Moreover, when you start delving into NAC options it can all get very complex and most customers will, therefore, need to get a specialist reseller to install the product — especially those without dedicated technical resources of their own.

How it works

Remote users connect to the appliance using a browser, usually over the Internet, by typing in a URL which will be resolved to the IP address assigned to the built-in Web portal — the Aventail Workplace. This then provides access to the Web applications that users are allowed to run, and also a Web-based network browser tool. The workplace can also be further customised by adding your own logos and editing the text displayed.

The Aventail Workplace portal can be customised with your own logo, text and other options.

Users who log in at the portal, can be authenticated against an internal database or an external LDAP, Active Directory or Radius server. They can also be assigned to communities and access controls can be applied at a very granular level as part of the authentication process.

With our Windows clients, for example, we were able to check for an active desktop firewall and antivirus software and stop users connecting when these weren’t found. Alternatively we could restrict users to a quarantined subnet if these and other prerequisites weren’t met, pointing them to sites where the appropriate updates could be obtained.

It’s possible to check Windows clients for suitable antivirus and firewall protection before allowing them to connect.

Network address and access method can also be used to limit access, and controls can be applied differently depending on the date, time and encryption strength settings on the client PC. Another important feature is the ability to clean the browser cache and remove session data automatically when users log off, although this option is only available on Windows.

Although it's described as 'clientless', ActiveX and Java applets are employed by the Aventail appliance to facilitate access to network applications and other resources via a browser. There’s also a lightweight Connect client that can be deployed to provide a full 'in-the-office' experience. Most applets, however, can be installed on-demand or downloaded from the portal (or another server) and preinstalled, by the users themselves if required, with none of the complicated setup or management that's required with a traditional VPN client.

The SSL experience

The performance of the EX-750 is primarily a function of the available bandwidth and the client platform. We used Windows clients and an 8Mbps ADSL line, and found this setup very usable. Moreover, unlike some of the low-end products, the perceived performance didn’t suffer noticeably as additional users were attached.

Indeed, the only real issue we had was the complexity of the Aventail solution. For the majority of small businesses looking for basic remote network connectivity it’s a little over the top, and there are plenty of alternative products that can do the job at a fraction of the price. However, the Aventail pedigree, scalable hardware platform and network access controls are all worth having, and for companies seeking enterprise security at a small-business price it’s hard to beat.







Related

Netgear Orbi Quad-Band Mesh WiFi 6E System (RBKE963): Fast but expensive wireless mesh networking
netgear-orbi-wifi-6e-rbke963-header.jpg

Netgear Orbi Quad-Band Mesh WiFi 6E System (RBKE963): Fast but expensive wireless mesh networking

Networking
NexDock 360 Touch review: Transform your Samsung smartphone into a capable laptop
nexdock-360-5.jpg

NexDock 360 Touch review: Transform your Samsung smartphone into a capable laptop

Mobility
Dell XPS 17 9710 (2021) review: A highly configurable premium 17-inch laptop
dell-xps-17-9710-header.jpg

Dell XPS 17 9710 (2021) review: A highly configurable premium 17-inch laptop

Laptops