Re: Cisco VPN concentrator Replacement Recommendation Needed

["Avdagic, Indir" <indir_avdagic () WSU EDU>]

Schilling,

 

We are using Cisco ASA 55XX and we were able to implement user's
authentication and authorization against AD. Initially we had problems
with Cisco LDAP authorization attributes when we tried with ASA firmware
version 7.2.X.

After we upgrade to ASA firmware version 8.0.3 in which Cisco re-wrote
and renamed Cisco LDAP authentication and authorization attributes we
were able to map Cisco and AD LDAP attributes and everything works fine
now.

 

Regards,

 

__________________________
Indir Avdagic, CISSP, ACSA, TICSA
Network Security Engineer
Washington State University 
indir_avdagic () wsu edu <mailto:indir_avdagic () wsu edu> 
Phone: (509) 335-3279

 

 

 

 

From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of schilling
Sent: Monday, March 24, 2008 7:58 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Cisco VPN concentrator Replacement Recommendation
Needed

 

Hi all,

We are considering replacing our current VPN concentrator since it's
EOL. Now our main consideration is either Cisco ASA5520/ASA5540 or
Juniper  SA2000/SA4000. Our Core network is Cisco centric for now, the
VPN is primarily IPSec remote access with few  site-to-site tunnels. We
would like to use SSL VPN for the future. We did some evaluation last
year on Juniper SA2000, it's really impressive in terms of  Role Mapping
with LDAP authentication(We have campus wide iPlanet LDAP
infrastructure).  Would you kindly share your thoughts on the VPN
solutions?

Thanks.

Sincerely,

Schilling