SSL VPN - device verification

I am trying to understand whether to implement SSL VPN or IPsec VPN. By all the characteristics SSL VPN is OK, except.. device verification. I wonder if it is possible to verify a device (for example, corporate laptop only) with SSL VPN? We can do it with IPSec VPN, right?

Thanks a lot!

Not sure what you are asking. You don't want just anyone able to initiate a connection, only specific corporate devices? I believe with SSL you could just force the client to need a certificate to be able to connect.

IPSec VPN's with certificates for the individual devices will do the trick. This is how our store routers connect to HQ.

You can do some version of host checking, but this largely depends on your vpn manufacturer. (regardless of whether its SSL or IPSEC).

We use the Cisco Anyconnect client to do host verification before we allow a device to establish a VPN tunnel. In our particular case, we put a registry key in a specific location, which the agent will check prior to establishing the tunnel.