We help IT Professionals succeed at work.

Looking at the SONICWALL SSL VPN 2000 appliance for a small organization.

Resonetics
Resonetics asked
on
Medium Priority
610 Views
Last Modified: 2012-05-06
The SONICWALL SSL VPN 2000 appliance seems perfect for our small remote sales staff requirements.  It needs to be simple and secure.  

The SONICWALL products seems good based on my research.  I am curious abour SSL certificates.  Are they expensive to maintain?  Are there any licensing requirements for this product?  Thanks.
Comment
Watch Question

ParanormasticCryptographic Engineer
CERTIFIED EXPERT

Commented:
SSL certificates can be expensive, but with a little shopping around it isn't too bad.  Some companies set up their own CA for internal use as well.  Most networking devices also include the capability for generating their own certificate, but keep in mind that for your users to trust it they would need to import that certificate into their trusted root certification authority store in order to avoid warning messages.  Not too difficult, especially with screenshots in a word doc or pdf, and can be done by most folks in under 5 minutes.

Verisign is the most compatible (i.e. have their root certificate pre-installed in the most products) across the board, however they are by far the most expensive.  Comodo is a good mid-level pricing with excellent support and a wide product range.  GoDaddy is pretty much the cheapest out there that I would trust and haven't heard too much for complaints.  The security is the same for each at the end of the day - a cert is a cert.

Certs are licensed - each vendor will have their own specific details.  Many of them support one license per box that the cert is installed on.  Most will exclude passive cluster nodes, offline disaster recovery systems, etc. but check with them to make sure.  The sales folks at most of these places are very friendly and informative and will help you figure out what you need, why you need it, and how to go about doing it.  In most cases you only install a cert on one box anyways so that doesn't matter then.

Any VPN device will have its own licensing.  You usually get license packs - quick search I am seeing 1,10, 50, 100 user packs.  This will determine how many concurrent connections the VPN device will allow through.  If your sales folks only connect briefly each day, you might be able to get away with less licenses to save cost, but you would be running the risk that someone needs to connect and can't get through - especially if the session timeout is very long some people may just leave it connected overnight at their hotel or something.  You can get these licenses from a number of websites: CDW, Amazon, etc.

A friend of mine that is a small business consultant uses SonicWall devices for a lot of customers for a number of years now and is very happy with them.

Author

Commented:
OK.  That is great information.  Do you NEED a certificate, or is it just an added security measure?

Also, one of the benefits I found for the SONICWALL  SSL VPN 2000 is there are no licensing fees.  Does that sound right?  My boss does not want to enter into a situation where there are on going licensing requirements.

I am the only IT person here and sometimes its nice to get an external perspective on things.  Thanks again.

Cryptographic Engineer
CERTIFIED EXPERT
Commented:
You must have a certificate to enable SSL - whether it is a commercial one, one from your company's CA, or one generated from the device.  The commercial ones are easier to rollout in general as the step of adding the certificate to the trusted root store is already done - however since you will probably have a decent document written up on how to do the VPN anyways, this isn't the concern that it would be for other scenarios like a web site.

To my understanding the licensing is paid up front, not subscription based renewals.  However based on their website, the warranty is 90 days, so you might want to look into if they offer support contracts or pay-per-incident support.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Author

Commented:
The solution provided me with the information I need to make an informed decision.  

Author

Commented:
We ended up purchasing the SONICWALL SSL VPN 2000 and it works great.  Real easy to set up and administer.  Total cost was around $1250.  I would highly recommend it for a small enterprise looking to offer remote access to a small group of employees.
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.