REVIEW: SSL312 VPN Concentrator

Ian Yates reviews Netgear's VPN Concentrator and finds the device offers an easy way to build a VPN.

When you need to access your office PC from home or while on the road, you can make use of the “Log Me In” or “Go to my PC” Internet-based services. They do work as advertised, mostly, and for the occasional remote access session they can be a lifesaver. But you have to leave your office PC switched on for them to work, and if there are lots of your employees wanting remote access it starts to get messy. Surely there’s a better, more organised way?

Yes indeed there are many ways to skin the remote access cat, and the router you already own might even be up to the task of providing just such a service. For that you’ll need to dig out the manual. But most routers with built-in VPN and similar offerings take an all or nothing approach, expecting the fine-tuning to be done on some server or other inside the firewall. This approach might well suit many offices, particularly those with their own tame IT support people.

For the rest of us, Netgear makes the SSL312 VPN Concentrator – hard to pronounce but surprisingly easy to use. This blue box is basically the VPN bits of your router on steroids. It sits behind your router/firewall and connects to your network with a single Ethernet cable. You make a port-mapping on your firewall to direct https traffic to the SSL312, using the default port or one of your own choosing, then add some usernames to the list and you’re done.

From outside the firewall, your users put the address into their browser and login to the SSL312. They then choose from a menu, which you can easily customise if you don’t like the default, to make a VPN connection, which lets them browse your network as though they were in the office, gathering any files they need, or sending through updates etc. Or they can choose to fire up a remote desktop session on any PC or server to which they have access.

The Netgear remote access service uses the Windows built-in Remote Desktop Connection of the PC or server but shrouds it in an SSL session to keep snoopers at bay, and it also means you don’t need lots of port-mapping for every PC or server you want to make available remotely. Instead you just have the SSL312 available and everyone goes through its secure interface. If you’d rather not allow staff unfettered access to all the applications on your server when they’re away from the office, you can tailor their access to suit.

You can easily configure the SSL312 to provide a menu of applications, such as Word or Excel, which are preconfigured, or add your own custom applications. Users then login and choose the application they need, which they can do from any browser equipped device like a public access internet kiosk or a slim “netbook” style portable PC which might not have the grunt to run the whole application by itself. Instead you provide a window to your internal application server which can be a real server for multiple users or just a spare PC if your needs are less demanding.

The SSL312 can perform both roles at once – giving full VPN access to demanding remote users, or just a few applications for those who need to fire up a sales quote using their client’s PC to access your office remotely. It all depends on what you make available to each user or group of users when they login. It’s a strange concept at first, to login to this blue box and then reach into the network with just a single Ethernet cable, but behind the magic is a simple easy to use remote access solution for up to 25 concurrent users, which doesn’t require you to master the intricacies of Windows server administration.

We've spotted the device online for $441.

Read more on Antivirus, firewall and IDS products