Re: Cisco VPN concentrator Replacement Recommendation Needed

["Consolvo, Corbett D" <cc72 () TXSTATE EDU>]

Schilling,
We just deployed a Juniper SSL cluster in the last few months running authentication against AD.  It's working really 
well, both with the full client and with the terminal session/web page access (we like this feature as it provides 
access without the remote machine attaching to the network).   Aventail also is a great product but I am hearing that 
there have been a few issues since they were purchased by Sonicwall.  We also have an old concentrator and I spent some 
time looking at the SSL piece - I felt it was not as enterprise-class as the Juniper.  Feel free to contact me off-list 
if you have any specific questions.

Thanks,
Corbett Consolvo
Texas State University

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of schilling
Sent: Monday, March 24, 2008 9:58 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Cisco VPN concentrator Replacement Recommendation Needed

Hi all,

We are considering replacing our current VPN concentrator since it's EOL. Now our main consideration is either Cisco 
ASA5520/ASA5540 or  Juniper  SA2000/SA4000. Our Core network is Cisco centric for now, the VPN is primarily IPSec 
remote access with few  site-to-site tunnels. We would like to use SSL VPN for the future. We did some evaluation last 
year on Juniper SA2000, it's really impressive in terms of  Role Mapping with LDAP authentication(We have campus wide 
iPlanet LDAP infrastructure).  Would you kindly share your thoughts on the VPN solutions?

Thanks.

Sincerely,

Schilling