Strengths: Very simple to install; works with your existing systems
Weaknesses: Offers little control over access
Verdict: A good way of encrypting access to important systems while maintaining your existing security systems
KoolSpan's SecurEdge is designed to provide safe access to a network through a 256-bit AES link with support for up to 512 simultaneous users. The kit comprises of a lock that bridges the external network to the internal one, and a set of USB keys providing authentication.
The keys come preconfigured for use with the supplied lock, so getting the system to work is just a matter of plugging it in and installing the client software.
The only real bit of network wizardry you have to perform is configuring port forwarding on your router/firewall to pass authentication requests to the lock. Aside from that, you just connect the USB key to a spare port on your client computer and run the connection software.
But that's not all SecurEdge can do. As it bridges two network connections, you can install it to provide secure access from a wireless network to the wired network, or for secure access to an important server.
Access control is rather simplistic, though. If you're after fine control over wireless access, a product such as BlueSocket's WG1000 would be a better choice. Or, since SecurEdge runs at layer 2, you could easily pair it with a complimentary security product running at layer 3.
Management of the system is through SecureEdge Manager, which lets you configure and control access through the lock. To gain access to this system you need to insert the management key. It's important that you don't lose these keys or forget the eight-digit PIN, or you'll be unable to access the management system.
Once in, you can manage keys by revoking network access, renaming them to match the owner's username and selecting which locks they have access to. If a user brings you their key, you can also reset a forgotten PIN.
It's a very simple system to use, and we were surprised how quickly we had our review unit working. But, aside from allowing or denying access, there are no controls on network traffic that's allowed or denied, so you will still need other access controls and devices on your network.
If you're looking for complete access control system with fine granular control, this isn't it, but it is an excellent way of adding hardware-based authentication to your existing systems.