TNSR High-Performance VPN Concentrator vs. Perimeter 81 on AWS
TNSR® High-Performance VPN Concentrator offers routed site-to-site and remote access VPNs via IPsec or WireGuard® with no hidden fees.
The product provides versatile management with a command line interface (CLI), RESTCONF API, and GUI, as well as advanced monitoring and troubleshooting with SNMP, Prometheus Exporter, and IPFIX Exporter. Standardized BGP, OSPF, and RIP routing protocols are also available. See features here.
CheckPoint Perimeter 81® offers network security as a service and is a popular SASE and business VPN solution. It allows users, whether in-office or remote, to securely access company resources that are stored on-site or in the cloud. The service is cloud-based and managed from a simple dashboard.
TNSR High-Performance VPN Concentrator | Perimeter 81 | |
Management | ||
Command Line Interface (CLI) | Yes | No |
Graphical User Interface (GUI) | Yes | Yes |
RESTCONF API | Yes | No (REST) |
Automation | ||
Ansible | Yes | No |
Saltstack | Yes | No |
Puppet | Yes | No |
Chef | Yes | No |
VPN Protocols | ||
IPsec | Yes | Yes |
Wireguard | Yes | Yes |
OpenVPN | No | Yes |
Security Add-Ons | ||
Access Control Lists (ACLs) | Yes | No |
Other Firewall Features | No | Yes |
Support
24x7 TAC Pro or Enterprise support is included for TNSR High-Performance VPN Concentrator, depending on the number of connected devices.
Customers with up to 50 connected devices can get expert answers within 24 hours via email or the support portal. They can also upgrade their support subscription to a 4-hour response time and live phone support. Customers with 100 or more connected devices can get expert answers within 4 hours via email, phone, or the support portal. A community forum is also available.
Support for Perimeter 81 is included and based on product tier.
Essentials, the lowest product tier, provides support during business hours via a ticketing system, chat, or email. Response times range from 20 minutes to 1 business day, depending on issue severity. Enterprise, the highest product tier, includes 24/7 support via phone, chat, email, or the ticketing system.
Pricing
TNSR High-Performance VPN Concentrator is priced based on the number of VPN connections, with a discount for one-year and multi-year contracts. There are no additional data processing fees. For 25 VPN connections, a one-year contract with unlimited data processing is $1,499, not including AWS infrastructure costs. See here for more on pricing or contact sales@netgate.com to discuss your needs.
Perimeter 81 comes in four product tiers: Essentials, Premium, Premium Plus, and Enterprise.
For the Essentials, Premium, and Premium Plus tiers, customers are charged $8 to $16 per user per month and $40 per gateway per month, if paying annually. Pricing for the Enterprise tier is not available on the website.
Price Per Year for 25 Connections
- TNSR High-Performance VPN Concentrator: $2,365*
- Perimeter 81 (Premium Plus): $5,280**
*Does not include annual AWS infrastructure cost.
**Assumes one private gateway.
Ease of Use
Documentation
TNSR software documentation is comprehensive and well-structured. From installation to advanced configuration, it covers a wide range of topics and includes examples to aid understanding.
Perimeter 81 also offers well-organized documentation with guides that make it easy to get started.
Installation
The process for getting started with TNSR software on AWS is straightforward. To get started, launch an instance of TNSR High-Performance VPN Concentrator from the AWS Marketplace. Access the instance via SSH for configuration, and follow a step-by-step configuration recipe. Terraform and CloudFormation can be used to integrate TNSR software into CI/CD DevOps pipelines, and templates are coming soon to further simplify the installation process.
A GUI and clear documentation make installation and configuration of Perimeter 81 easy as well. The process includes downloading the agent, signing in to the workspace URL, and configuring profiles for different user groups and settings.
Management
There are multiple ways to manage TNSR software, including Command Line Interface (CLI), RESTCONF API, and Graphical User Interface (GUI).
TNSR software configuration through both CLI and RESTCONF API enables the product to be managed by IT automation platforms like Ansible®, SaltStack®, Puppet®, or Chef™.
Perimeter 81 can be managed using its Web GUI and REST API. CLI management and RESTCONF API are currently unavailable. The product cannot be managed using IT automation platforms.
Other Features
VPN
TNSR software supports WireGuard and IPsec (Site-to-Site and Mobile) VPN protocols.
Perimeter 81 supports IPsec, WireGuard, and OpenVPN VPN protocols.
Logging and Monitoring
TNSR software supports SNMP, SPAN / ERSPAN, Prometheus Exporter, and IPFIX Exporter for monitoring. It also supports DHCP logging, and general logs can be found in /var/log/syslog.
There is currently no direct integration with Amazon CloudWatch, but virtual machine information like CPU, MEM, and BW is available.
Perimeter 81 offers a Monitoring Dashboard that provides real-time visibility into network usage, including active sessions, utilized member licenses, gateway licenses, and applications. Views can be filtered by time range, network, region, and gateway.
The documentation also provides guidance on collecting log files, which can help in diagnosing agent and network-related issues.
Tools like SNMP, SPAN / ERSPAN, Prometheus Exporter, IPFIX Exporter, DHCP logging, and Amazon CloudWatch are not mentioned in the documentation.
Segmentation
Virtual Routing and Forwarding (VRF) is supported in TNSR. VRF enables multiple routing tables on a single router. The technology is used in VPNs to provide secure, segregated routing over shared infrastructure.
Perimeter 81 offers network segmentation by creating tailored, cloud-based networks. Administrators define network specifics like name, region, and gateways. They also set unique configurations for different user groups through configuration profiles.
Security Add Ons
TNSR supports Layer 2, Layer 3, and Layer 4 Access Control Lists (ACLs), scalable to over 100,000 rules.
In TNSR, user authentication is done using either passwords or user keys.
Perimeter 81 offers a range of security features like agentless ZTNA, automatic Wi-Fi protection, SWG web filtering, malware protection, DNS filtering, and advanced identity access management with multi-factor authentication.