Security Basics mailing list archives

RE: Scanning ssl vpn traffic

From: "Cassiem, Nazier A" <Nazier.Cassiem () za bp com>
Date: Fri, 8 Feb 2008 14:39:22 +0200

Hi,

We are busy trying to migrate from FTP to secure FTP,

Can you provide answers to the following questions 

Cardex UK FTP from the Cardex Tandem server in the UK to a local South
african server directly to drop and collect files. I guess they will
have to change to SFTP, is this correct?

2.      We frequently use Windows Explorer to download CDR files from a
FTP directory. All Turfview updates, patches and documentation are also
downloaded from this FTP directory. How will SFTP affect this process?

3.      We currently use Reflection FTP Client as a local tool for
transferring files from UNIX to the Network and vice versa. Will we
still be able to use this tool after the switch?

4.      We currently use command line FTP in UNIX for inter UNIX file
transfers. Will we still be able to use this after the switch?

5.      We often need to manually FTP files to partners after FTP
transfer failures. This is done in UNIX command line mode. Will we be
able to do the same with SFTP after the switch?

Any assistance will be much appreciated

Thanks in advance

Nazier
 

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Secure This
Sent: Thursday, February 07, 2008 2:20 PM
To: security-basics () securityfocus com
Subject: Scanning ssl vpn traffic

Hi, I have a Juniper ssl vpn solution and have been tasked with
providing a ips/virus scanning solution that scans traffic coming in
from our users and 3rd parties that have been given access. I expect no
more than 100 concurrent users within a financial environment that needs
to be PCI compliant. I have been recommended Fortinet, but the
appliances have quite small file size limits (below) so the size of the
box versus our number of users doesn't add up.

Juniper also have a IDP range which may work well seeing as we have
juniper ssl vpn gateways. Can anybody recommend either of these options
or something better for good reasons? I'm not in a position to
pyhsically evaluate any appliances myself unfortunately.

Many thanks!

FortiGate Model                        RAM      MAX size
50A, 60M, 60WiFi                     128MB     12MB
100A                                       256MB     25MB
200A, 300A, 400A, 1000A         512MB     50MB
500A, 800, 800F                         1GB      139MB
3600, 5000                                2GB      547MB

Current thread:

Auditing Active Directory Passwords k7 . fantr (Feb 06)
- RE: Auditing Active Directory Passwords Jesse Rink (Feb 06)
  - RE: Auditing Active Directory Passwords Uzair Hashmi (Feb 07)
- Re: Auditing Active Directory Passwords Nikhil Wagholikar (Feb 07)
- Disabling split tunnelling on an ssl vpn Secure This (Feb 07)
  - Re: Disabling split tunnelling on an ssl vpn Ronald van der Westen (Feb 08)
    - Re: Disabling split tunnelling on an ssl vpn Secure This (Feb 08)
- Scanning ssl vpn traffic Secure This (Feb 07)
  - RE: Scanning ssl vpn traffic Cassiem, Nazier A (Feb 08)
- <Possible follow-ups>
- Re: RE: Auditing Active Directory Passwords wyse101 (Feb 07)
- Re: Auditing Active Directory Passwords maash . rajani (Feb 07)
- Re: Auditing Active Directory Passwords Uzair Hashmi (Feb 08)
  - Re: Auditing Active Directory Passwords li bo (Feb 11)