nanog mailing list archives
RE: Best VPN Appliance
From: "Blomberg, Orin P (DOH)" <Orin.Blomberg () DOH WA GOV>
Date: Mon, 8 Mar 2010 11:37:02 -0800
There is also the fact to consider that Cisco has said there will be no support for Windows 64-bit on their IPSEC client, they are pushing people to the AnyConnect (An SSL-based clientless IPSEC) who want to use Windows 64-bit or other OSs, so in the future the argument for having a separate box for client-based IPSEC will be moot. Orin -----Original Message----- From: Stefan Fouant [mailto:sfouant () shortestpathfirst net] Sent: Monday, March 08, 2010 11:29 AM To: Voll, Toivo; Chris Campbell; Dawood Iqbal Cc: nanog () nanog org Subject: Re: Best VPN Appliance Toivo, The SA Series absolutely supports IPsec if you are using Network Connect. It defaults to using IPsec and if that is not supported then it will fall back to SSL. Of course, NC is not as secure as W-SAM, J-SAM, or Core Access in terms of role and resource granularity control but the support for IPsec is absolutely there. HTHs. Stefan Fouant ------Original Message------ From: Voll, Toivo To: Chris Campbell To: Dawood Iqbal Cc: nanog () nanog org Subject: RE: Best VPN Appliance Sent: Mar 8, 2010 11:56 AM We're generally happy with our Juniper SA6500s, but they, and a lot of the other SSL VPN vendor appliances will not support IPSec. Cisco's ASA does, but it's less feature-rich in the SSL VPN arena. The Juniper was the most mature and flexible of all the offerings we looked at, but also the most expensive, and it's not perfect either. Having migrated from Cisco's 3000 series appliances, the current SSL VPNs are a totally different mindset and about two orders of magnitude more complicated. Have a very good understanding of exactly what problem you're trying to solve with the product and what kind of policies and requirements you have to meet, or it's going to be a mess. I can answer more specific questions on our experiences and testing off-list. -- Toivo Voll University of South Florida Information Technology Communications -----Original Message----- From: Chris Campbell [mailto:Chris.Campbell () nebulassolutions com] Sent: Friday, March 05, 2010 11:36 AM To: Dawood Iqbal Cc: nanog () nanog org Subject: Re: Best VPN Appliance The Juniper SA is by far and away the market leader and in my opinion the best end user experience. On 5 Mar 2010, at 15:57, Dawood Iqbal wrote:
Hello All, Is it possible to get your ideas on what VPN appliances are good to
have in
enterprise network? Requirements are; SSL IPSec Client and Web VPN support (Win/MAC/iPhone/Android) If webvpn is used, then when any user connects via webvpn, we should
be able
to re-direct him to any and ONLY specific application i.e SAP. If 2 boxes are installed then they should replicate data seamlessly. Regards, dI
Sent from my Verizon Wireless BlackBerry
Current thread:
- Best VPN Appliance Dawood Iqbal (Mar 05)
- Re: Best VPN Appliance Chris Campbell (Mar 05)
- RE: Best VPN Appliance Voll, Toivo (Mar 08)
- RE: Best VPN Appliance Brian Johnson (Mar 08)
- Re: Best VPN Appliance Jason J. W. Williams (Mar 08)
- <Possible follow-ups>
- Re: Best VPN Appliance Stefan Fouant (Mar 08)
- RE: Best VPN Appliance Blomberg, Orin P (DOH) (Mar 08)
- RE: Best VPN Appliance Michael K. Smith - Adhost (Mar 08)
- RE: Best VPN Appliance Blomberg, Orin P (DOH) (Mar 08)
- Re: Best VPN Appliance Tony Varriale (Mar 08)
- Re: Best VPN Appliance Scott Howard (Mar 09)
- RE: Best VPN Appliance John Lightfoot (Mar 09)
- Re: Best VPN Appliance Nick Hilliard (Mar 09)
- RE: Best VPN Appliance Blomberg, Orin P (DOH) (Mar 08)
- Re: Best VPN Appliance Chris Campbell (Mar 05)
- Re: Best VPN Appliance Brandon Ewing (Mar 08)
- RE: Best VPN Appliance Jason Gurtz (Mar 08)
- Re: Best VPN Appliance Jon Auer (Mar 08)
- RE: Best VPN Appliance Mike Callahan (Mar 11)