Security Basics mailing list archives
Re: SSL VPN
From: "Jason Thompson" <securitux () gmail com>
Date: Tue, 15 Jan 2008 14:52:14 -0500
I personally like Check Point's SSL VPN, Connectra. The virtual desktop works very well and its a snap to deploy. Getting it up and running takes 20 minutes, runs on SPLAT (a hardened Linux). Supports all the major auth mechanisms including native SecurID and AD / LDAP. What's been popular with it is the ability to map users network drives over their SSL portal based on the ID they log in with and clientless Integrity which verifies the machine is 'safe' to connect (AV running & up to date, no malicious apps, etc). As for cost effective, not sure. It's Check Point, so.... :) Licensing is based on concurrent users so if you only expect to have 50 at once, then a 50 license is fine... if you expect all 250 to connect at once... well its gonna be ugly. If Juniper is more reasonable, I've heard good things about that as well. -J
Hi List, Currently we have 100+ home users who connect to our VPN gateway (IPSEC) and access the resources. As the business is growing, within a couple of months we'll be having more than 300 users operating from home. Management asked us to give them a "cost effective" solution to migrate the existing home users to "SSL VPN" so that there won't be any requirement of installing the software client etc (keeping in mind that the associates working from home will be growing) and it will be more secure. We also have a Cisco ASA as a perimeter firewall on our network on which we can configure the SSL VPN but cpu utilization on the ASA is somewhere near 40%. I would like to know the cost effective way to implement the same. I would also like to know the products in the market which supports SSL VPN or shall we go ahead and implement SSL VPN on our existing ASA firewall? Will it consume a lot of cpu utilization on it? -- Thanx, Kartik www.hcl.in +1 408 416 2089 X 5313 +91 9810998169
Current thread:
- SSL VPN Kartik (Jan 15)
- RE: SSL VPN TVB NOC (Jan 15)
- RE: SSL VPN Malhoit, Lauren (Jan 15)
- RE: SSL VPN Paul Hosking (Jan 16)
- Re: SSL VPN Jurgen Vermeulen (Jan 16)
- Re: SSL VPN Albert Gonzalez (Jan 17)
- RE: SSL VPN Malhoit, Lauren (Jan 15)
- RE: SSL VPN m.farid.shawara (Jan 21)
- RE: SSL VPN TVB NOC (Jan 15)
- Re: SSL VPN Tremaine Lea (Jan 15)
- Re: SSL VPN Jason Thompson (Jan 15)
- RE: SSL VPN Alex (Jan 15)
- Re: SSL VPN Ivan . (Jan 16)
- Re: SSL VPN mgk.mailing (Jan 17)
- Re: SSL VPN Edy Lie (Jan 17)
- Re: SSL VPN Jason Thompson (Jan 15)
- Re: SSL VPN Ivan . (Jan 17)