[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 591
  • Last Modified:

Looking at the SONICWALL SSL VPN 2000 appliance for a small organization.

The SONICWALL SSL VPN 2000 appliance seems perfect for our small remote sales staff requirements.  It needs to be simple and secure.  

The SONICWALL products seems good based on my research.  I am curious abour SSL certificates.  Are they expensive to maintain?  Are there any licensing requirements for this product?  Thanks.
0
Resonetics
Asked:
Resonetics
  • 3
  • 2
1 Solution
 
ParanormasticCryptographic EngineerCommented:
SSL certificates can be expensive, but with a little shopping around it isn't too bad.  Some companies set up their own CA for internal use as well.  Most networking devices also include the capability for generating their own certificate, but keep in mind that for your users to trust it they would need to import that certificate into their trusted root certification authority store in order to avoid warning messages.  Not too difficult, especially with screenshots in a word doc or pdf, and can be done by most folks in under 5 minutes.

Verisign is the most compatible (i.e. have their root certificate pre-installed in the most products) across the board, however they are by far the most expensive.  Comodo is a good mid-level pricing with excellent support and a wide product range.  GoDaddy is pretty much the cheapest out there that I would trust and haven't heard too much for complaints.  The security is the same for each at the end of the day - a cert is a cert.

Certs are licensed - each vendor will have their own specific details.  Many of them support one license per box that the cert is installed on.  Most will exclude passive cluster nodes, offline disaster recovery systems, etc. but check with them to make sure.  The sales folks at most of these places are very friendly and informative and will help you figure out what you need, why you need it, and how to go about doing it.  In most cases you only install a cert on one box anyways so that doesn't matter then.

Any VPN device will have its own licensing.  You usually get license packs - quick search I am seeing 1,10, 50, 100 user packs.  This will determine how many concurrent connections the VPN device will allow through.  If your sales folks only connect briefly each day, you might be able to get away with less licenses to save cost, but you would be running the risk that someone needs to connect and can't get through - especially if the session timeout is very long some people may just leave it connected overnight at their hotel or something.  You can get these licenses from a number of websites: CDW, Amazon, etc.

A friend of mine that is a small business consultant uses SonicWall devices for a lot of customers for a number of years now and is very happy with them.
0
 
ResoneticsAuthor Commented:
OK.  That is great information.  Do you NEED a certificate, or is it just an added security measure?

Also, one of the benefits I found for the SONICWALL  SSL VPN 2000 is there are no licensing fees.  Does that sound right?  My boss does not want to enter into a situation where there are on going licensing requirements.

I am the only IT person here and sometimes its nice to get an external perspective on things.  Thanks again.

0
 
ParanormasticCryptographic EngineerCommented:
You must have a certificate to enable SSL - whether it is a commercial one, one from your company's CA, or one generated from the device.  The commercial ones are easier to rollout in general as the step of adding the certificate to the trusted root store is already done - however since you will probably have a decent document written up on how to do the VPN anyways, this isn't the concern that it would be for other scenarios like a web site.

To my understanding the licensing is paid up front, not subscription based renewals.  However based on their website, the warranty is 90 days, so you might want to look into if they offer support contracts or pay-per-incident support.
0
 
ResoneticsAuthor Commented:
The solution provided me with the information I need to make an informed decision.  
0
 
ResoneticsAuthor Commented:
We ended up purchasing the SONICWALL SSL VPN 2000 and it works great.  Real easy to set up and administer.  Total cost was around $1250.  I would highly recommend it for a small enterprise looking to offer remote access to a small group of employees.
0

Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now