Strengths: The FirePass appliance includes many features
Weaknesses: The initial setup and administration for this device come with a steep learning curve
Verdict: A good product that scales well for many environments
F5's appliance uses a browser client that installs and runs in a similar way to an IPSEC client, allowing the user access to the entire network or a subset of it once the client is installed.
The FirePass can pull user account settings from a variety of sources including Active Directory, Windows Domain, LDAP, and local account database. The appliance also has several different mechanisms for installing a client IP address for the VPN user and comes with multiple Ethernet interfaces that can have a unique IP address installed on each interface.
The installation of this product is a somewhat complicated process. The unit ships with an IP address assigned to the first Ethernet interface as well as the management interface. It is a bit difficult to change these addresses to something that can be used on an organisation's network.
There is a quick configuration wizard to change the settings, but we initially attempted to change the IP addresses manually and found the process confusing and ineffective. The second attempt was with the wizard, which failed halfway through the process. Finally, on the third attempt, we managed to change the IP addresses so that we could install the device in the network.
All configuration for this system takes place via a web browser. Since the device ships with an LED front panel, we would like to see the ability to change the IP of the management console from the front panel.
Once the unit has been properly addressed, the web-based administration interface is moderately confusing the first few times an administrator sees it. However, it took slightly more than an hour to configure the device to get a client to connect and access the internal network.
The Firepass arrives with a printed getting started guide and, as with other products we tested, we recommend that the administrator read the entire manual before beginning the installation. Other documentation is included in the form of several indexed PDFs. On a whole, the documentation, which certainly is needed, is superior.
Support is offered via phone and a password-protected web portal. One year support during office hours is included in the purchase price.
The cost for the FirePass ranges from £4,735 for ten concurrent users to £27,090 for 250 users. Given average support and the difficult implementation, we find the FirePass average value.