Small businesses often lack the time and expertise needed to set up and manage a traditional VPN (virtual private network), particularly the special encryption software needed on the remote PCs.

SSL-based solutions, however, use the SSL (Secure Socket Layer) encryption provided by browsers such as Internet Explorer and Mozilla Firefox as standard, making products such as the Sonicwall SSL-VPN 200 much simpler to both manage and use.

Designed expressly for small companies wanting to provide remote access to their networks, the tiny SSL-VPN 200 is designed to sit behind an existing firewall. If that happens to be a Sonicwall product then extra filtering and packet inspection can also be provided, but it’s not compulsory and we had no problems using it with firewalls from a number of other vendors.

Installation isn’t difficult, but it is long winded and our biggest criticism has to be the lack of any automation of the processes involved. Still, with a little bit of trial and error we were soon able to get the appliance up and running using the web-based management GUI and, once that’s achieved, the rest is very easy.

There’s no need to manually install any software on client PCs. Rather you simply open a browser to connect to the device, typically by specifying a DNS or IP address forwarded to the SSL-VPN 200 by your firewall (you’ll have to configure this yourself). You then log on to be presented with a ‘virtual office’ portal through which you can both browse network shares and run applications.

Authentication is done using either an internal list or an external service such as Radius, NT domains, Active Directory, or Ldap, with access to resources strictly controlled using predefined polices and application bookmarks assigned to particular users or user groups.

Trusted users can be allowed to create bookmarks of their own and there are facilities to customise and brand the portal interface by changing the text and adding a company logo, for instance.

Although described as clientless, the SSL-VPN 200 does download small ActiveX and Java applets to do its work. For example, we were able to connect to and manage a server via VNC using a Java applet supplied by the SSL-VPN 200, but it all happens transparently with the applets pushed out automatically and removed again once finished with.

However, you are limited in the number of applications that can be run this way and for more general access an optional Netextender client is required.

The Netextender software is installed and behaves just like an ordinary VPN client, but users can install it themselves by clicking on the link provided. It then allows any TCP/IP application to be run, even VoIP, and can also be configured to start independently without a opening a browser.

Unlike most traditional VPN solutions, per-user licensing isn’t required with the SSL-VPN 200. It is, though, limited in the number of encrypted tunnels it can handle with a larger version available if you want to support more than the recommended 10 at a time.

And if you want site-to-site tunnelling you’ll need to look elsewhere as it’s not possible using this device.

Limitations aside the SSL-VPN 200 is impressive. It has a few rough edges but is affordable for small businesses looking to give remote and mobile workers secure access to network resources.