It seems that every time a new technology comes along you have to add yet another box to the stack of routers, firewalls and other devices needed to connect a network to the Internet. However, that's not the case with the BiGuard S10, which combines the latest client-less SSL remote access technology together with a router and a firewall in a single appliance.

Divest the BiGuard S10 from its packaging and the initial impressions are good. About the size of a small network switch, the appliance comes in a robust metal case with brackets for rack mounting, if required.

LEDs at the front tell you when the external power supply is connected and also show the status of the interfaces, with four 10/100Mbps LAN ports and another for WAN (Internet) connectivity. There's even a DMZ (De-Militarised Zone), although this is implemented in software and shares one of the LAN ports rather than having a dedicated interface of its own.

Note also that, as the name implies, the S10 is only designed to handle up to 10 remote user connections, with a more powerful S20 model due soon for larger networks. This will also features two WAN interfaces, additional load balancing and failover facilities plus support for ordinary IPSec VPN tunnelling.

Unfortunately the setup and management options don't quite live up to the first impressions. SNMP support is available for those with a suitable console, but most users will opt for the built-in Web front-end which we found quirky and difficult to navigate. On the plus side, a couple of quick start options help with the initial Internet connection and basic SSL VPN settings, but to get to grips with the rest we had to resort to the manual. Still the documentation is reasonably well written and, thus armed, it didn't take too long to get it all working.

The router and firewall options are pretty much in line with what you get on low cost standalone products, with intrusion detection and content filtering tools also provided. However, the SSL VPN facilities are what make the product stand out, with no client software required to connect remote users to resources on the local network. Instead the SSL encryption provided by browsers like Internet Explorer and Mozilla Firefox is used create the secure VPN tunnels. All that the remote user has to do is type in the address of the customisable portal hosted by the Billion appliance and login.

Remote users can be authenticated against a built-in database or an external Windows domain, LDAP or Radius server. Access can then be granted in several ways including a "My Network Places" button that allows remote users to trawl the attached network just as they would if locally connected and using Windows Network Neighbourhood.

Alternatively they can be presented with a customisable menu of applications, accessed though a set of built-in proxies implemented using ActiveX and Java applets. Among these is a VNC proxy which can be used, for example, to remotely manage servers, plus there's a proxy for the Microsoft Remote Desktop Protocol (RDP) which allows users to see and use their XP desktop back at the office (assuming it's turned on, of course). FTP, Telnet and HTTP/S proxies are similarly available, along with facilities to pre-configure each one and assign the setups to portal menus on an individual user or group basis.

Yet another option is to use the so-called network and transport extenders, again implemented using ActiveX applets. These provide the same kind of remote LAN access as a conventional VPN, but still without the need to consciously install or configure client software - the ActiveX component does it all for you. To this end the network extender provides general LAN access while the transport extender gives support for specific applications.

Everything worked as expected in our tests with performance on a par with a traditional VPN setup. As already mentioned, the management interface needs some work, but we liked the tools to customise the portal interface, enabling us to add our own logo and manage what remote users were allowed to see and do.

The all-in-one approach also helps simplify both deployment and day-to-day management, although if you have a router and firewall already you're paying extra for features you don't really need and there are now plenty of similarly priced standalone SSL VPN appliances which are just as effective.

The SSL VPN market is awash with products aimed at small business, but with its integrated router and firewall the BiGuard S10 is a particularly good buy for companies starting from scratch. The router and firewall, however, are of little value to those with such devices already and, although well matched on functionality, the poorly implemented management interface puts the BiGuard at a disadvantage compared to other standalone SSL VPN products.