RE: SSL VPN

["Malhoit, Lauren" <Lauren.Malhoit () tylertech com>]

Question about the SSL VPN implementation...I know that with traditional
VPN's you end up taking an IP from the company.  When you are using SSL
VPN, do you keep your own IP from your ISP or do you still pick one up
from the company?

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of TVB NOC
Sent: Tuesday, January 15, 2008 12:04 PM
To: Kartik; security-basics () securityfocus com
Subject: RE: SSL VPN

I would look towards the Citrix Access Gateway solution and placing it
on the DMZ. 

If you are concerned about the utilization of the ASA, no matter what
solution you implement you should consider placing the SSL device on
your DMZ and using NAT... 

Hope this helps...

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Kartik
Sent: Tuesday, January 15, 2008 7:17 AM
To: security-basics () securityfocus com
Subject: SSL VPN

Hi List,

Currently we have 100+ home users who connect to our VPN gateway
(IPSEC) and access the resources. As the business is growing, within a
couple of months we'll be having more than 300 users operating from
home.

Management asked us to give them a "cost effective" solution to
migrate the existing home users to "SSL VPN" so that there won't be
any requirement of installing the software client etc (keeping in mind
that the associates working from home will be growing) and it will be
more secure.

We also have a Cisco ASA as a perimeter firewall on our network on
which we can configure the SSL VPN but cpu utilization on the ASA is
somewhere near 40%.

I would like to know the cost effective way to implement the same. I
would also like to know the products in the market which supports SSL
VPN or shall we go ahead and implement SSL VPN on our existing ASA
firewall? Will it consume a lot of cpu utilization on it?

-- 
Thanx,
Kartik
www.hcl.in
+1 408 416 2089 X 5313
+91 9810998169