Juniper MAG Alternate Solutions? (Access Portal, SSL VPN)
Posted on 2014-08-28
I'm looking for a solution to replace Juniper MAg's secure access portal functionality, for clients that don't have Citrix XenApp/Desktop. Here's my requirements:
-Consolidate remote access
-For ease of remote users remembering a single URL (single access portal with SSO)
-For security to not expose insecure services (you can put all external apps besides SMTP behind the access portal, requiring users to login first to access them)
-Seamlessly integrate with backend app web portals and the protocols associated with them.
-HTML5 support for integrating with web applications
-IPSec or SSL VPN tunnels. MAGs are great for this, and even offer a lightweight “SAM” VPN client that can tunnel individual applications.
-Integration with plain old RDS/RDP if Citrix not in client environment
-RDP tunneling with NLA (Network level Auth)
-File Access to Windows Shares, both for Windows and Mobile clients
-Integration with Citrix Storefront/XenApp
-Ease of use: MAG’s Citrix XenApp ActiveX plugin requires a browser AND Java plugin AND Citrix Receiver, and often one of those components fails.
-MAG’s don’t support RDP 6.1’s NLA (network Level Authentication), forcing clients to disable it on servers and introduce possible Man-in-the-middle RDP attacks.
Some Solutions I've looked at:
-Citrix NetScaler- really limited functionality if the client doesnt have Citrix
-Plain old SSL VPN via the firewall- no single access portal for end users
-Windows RemoteApp- most clients not fans
-Okta- Most clients nto fans of cloud based services
Thanks for your recommendations!