R: SSL and IPSec appliance

["Vega - Brunello Ivan" <I.Brunello () vegaspa it>]

I've experienced several problems with ASA.

Either you use 7.x OS version, which is good (as always has been on IPSec), but a little less flexible on SSL, or you 
switch to 8.x, which is INCREDIBLE on SSL, but gave me nothing but problems on IPSec.

BTW, Cisco are my VPN devices of choice, and their VPN support (and expecially their DEBUG features) has always been 
very good (except, of course, what stated before).


I was told that Juniper/Netscreen could reach higher performance (notably, the Juniper devices have custom processors, 
while most of ASA's horsepower is based on plain Intel processors), but I don't have direct hands-on experience.


Ivan Brunello
System & Network Management

> -----Messaggio originale-----
> Da: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
> Per conto di Alasdair Gow
> Inviato: mercoledì 29 ottobre 2008 15.53
> A: Ivan .
> Cc: security-basics () securityfocus com
> Oggetto: Re: SSL and IPSec appliance
>
> Hi,
>
> Have you considered the Cisco ASA range?
> http://www.cisco.com/en/US/products/ps6120/
>
> I find them very flexible in terms of client less vpn and ipsec and
> also
> you can can vpn over SSL with the anyconnect client too.
>
> Kind regards,
> Ally
>
>
> Ivan . wrote:
> > Hi,
> >
> > I am looking for some advice on appliances that support both
> > client-less SSL and IPSec tunneling VPNs. I have been evaluated the
> > Juniper SA range and they have great features on the SSL side, but do
> > not support IPSec tunneling.
> >
> > Any advice or experiences with our kit is appreciated
> >
> > Thanks
> > Ivan