One thought on that CAG product - it's a solid box, but if you're going to go the SSL VPN route, you ought to consider a true SSL VPN, which CAG is not.
CAG is great for Citrix but that's it - if you've got web apps, like PACS or oven OWA, you'll need another solution just for them. The CAG doesn't even have an HTML rewriter, a basic security requirement for an SSL VPN. SSL VPNs do as good a job front ending Citrix as CAG but can also front-end native terminal services, Web apps, some even do tunneling. Check out things like the AEP Netilla box which does all of this, it's pretty cool.
You can go a few ways here - one is to leave Citrix on the LAN and use an SSL VPN for the WAN. AEP (which used to be Netilla) makes a good box for this. It'll either forward the ICA clients down in Java to the end user or you can skip Citrix and use AEP thin technology to serve apps remotely. Cool stuff. There's a white paper for this on their site aepnetworks.com. I think also it's the only SSL VPN to do Linux. Forgive the ad but it's a good box.
Slashdot Mirror
CAG is great for Citrix but that's it - if you've got web apps, like PACS or oven OWA, you'll need another solution just for them. The CAG doesn't even have an HTML rewriter, a basic security requirement for an SSL VPN. SSL VPNs do as good a job front ending Citrix as CAG but can also front-end native terminal services, Web apps, some even do tunneling. Check out things like the AEP Netilla box which does all of this, it's pretty cool.
Just my two cents!
You can go a few ways here - one is to leave Citrix on the LAN and use an SSL VPN for the WAN. AEP (which used to be Netilla) makes a good box for this. It'll either forward the ICA clients down in Java to the end user or you can skip Citrix and use AEP thin technology to serve apps remotely. Cool stuff. There's a white paper for this on their site aepnetworks.com. I think also it's the only SSL VPN to do Linux. Forgive the ad but it's a good box.
Eric