AEP System's A-Gate AG-600 is a Linux-based system with an Intel Pentium III processor coupled with 512Mb RAM in a 1U rack-mount chassis. The device can fit into most network topologies due to its four configurable 10/100 Base-T Ethernet connections.
Initial set-up uses a serial console connection, and the device can be administered from this connection if required. However, the browser-based WebAdmin system becomes available after the preliminary configuration is completed, and this provides an easier and equally effective management interface with access to most of the management options. Some options, such as those associated with the High Availability feature, still require console access, however.
The system can authenticate users by using LDAP, RADIUS, Windows and local user database, either singly or in combination. It has facilities to test user authentication and server access, which saves the time needed to verify connections from individual workstations and users, and helps to avoid obscure configuration bugs.
As well as the normal user name and password ID checks, AEP has included a "Completely Automated Public Turing test to tell Computers and Humans Apart" (CAPTCHA), to stop security breaches by programmed attacks. This provides a security challenge in the form of a riddle or an image – which should be easy for a human operator to solve, but almost impossible for a program to crack.
Remote access from a browser is provided either through a portal or through specific URL links. Web services are generally published on the portal page, but you can also incorporate Windows Terminal Server connection links here as well as in the default connection list. A Java runtime environment is needed for some features.
The system also provides a VPN client that can be downloaded to individual Windows workstations (to which the client is restricted). This software intercepts network requests for the private network and routes them to the A-Gate Central system for processing. Clients are registered with the system and all access requests are validated against this register, which can also be set up to control access to resources on a client basis.