We've got a Netilla (I keep wanting to call it Nutella) appliance going on line soon. It's been with the desktop/applications team for a while now and all the manuals/paperwork etc has just been passed to me by my boss to look at from an infosec perspective.
I've been trawling through a lot of the papers and at an initial glance it looks promising.
It's going to be used to allow out of hours access to internal applications from an unsecured PC (i.e. the usual malware riddled home pc) via the Netilla appliance.
The appliance the users will connect to will be located in our DMZ and the appliance should act as an appication-layer (reverse?) proxy. At the users' end everything will be carried out via the web browser which should download a small java applet which in turn should establish the secure connection to the netilla box and a secure terminal (thinclient?) on the users pc. At the end of the session the applet removes itself and any temp files and performs secure erasure of those files.
Has anyone used this product or similar SSL VPN devices?
Are their any particular pitfalls/problems with these products?
Any security issues that could be raised with the introduction of this?
I'll be speaking to the team involved over the next few days and I'm trying to quickly get myself as well informed as possible.