Firewall Wizards mailing list archives
Re: VPN and firewalls
From: "Steve Goldhaber" <goldy () compatible com>
Date: Mon, 9 Feb 1998 14:09:12 -0700
Date: Fri, 6 Feb 1998 09:45:31 -0700 (MST) From: Rik Farrow <rik () spirit com> To: firewall-wizards () nfr net Subject: VPN and firewalls
I am curious about why people are choosing VPN solutions which are independent of firewalls, for example, Aventail or TimeStep.
Here are a few reasons from our customer base: 1) Current firewall didn't have VPN and they didn't want to change the firewall. 2) Free client and/or free upgrades. 3) VPN becomes part of the firewall (a firewall doesn't have to be a single machine) so selecting each component separately gives flexibility and easier access to upgrades (I can upgrade the filtering without touching the VPN or vice versa). 4) Customer has many sites with different firewalls and wants to have easier management of the VPN.
Do people poke these streams through their firewalls?
Yes although for our products, the hole goes only to the VPN device(s) which is(are) virtually part of the firewall so the security perimeter is maintained.
Is it a matter of performance?
Not in my experience.
Why pay extra for VPN capability which is already included in many firewalls?
Reasons 1 and 4 above. Steve Goldhaber Compatible Systems goldy () compatible com http://www.compatible.com (303) 444-9532
Current thread:
- VPN and firewalls Rik Farrow (Feb 07)
- Re: VPN and firewalls Paul D. Robertson (Feb 09)
- Re: VPN and firewalls Stuart Moore (Feb 09)
- Re: VPN and firewalls Rick Smith (Feb 09)
- Re: VPN and firewalls Steve Goldhaber (Feb 09)
- <Possible follow-ups>
- Re: VPN and firewalls Linwood Ferguson (Feb 09)
- Re: VPN and firewalls Aleph One (Feb 09)
- Re: VPN and firewalls tbird (Feb 09)