[123438] in North American Network Operators' Group
RE: Best VPN Appliance
daemon@ATHENA.MIT.EDU (Voll, Toivo)
Mon Mar 8 13:57:38 2010
From: "Voll, Toivo" <toivo@usf.edu>
To: Chris Campbell <Chris.Campbell@nebulassolutions.com>, Dawood Iqbal
<Dawood_Iqbal@hotmail.com>
Date: Mon, 8 Mar 2010 13:56:59 -0500
In-Reply-To: <ED75918E-304D-4788-A776-5474E2ED050D@nebulassolutions.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
We're generally happy with our Juniper SA6500s, but they, and a lot of the =
other SSL VPN vendor appliances will not support IPSec. Cisco's ASA does, b=
ut it's less feature-rich in the SSL VPN arena. The Juniper was the most ma=
ture and flexible of all the offerings we looked at, but also the most expe=
nsive, and it's not perfect either.
Having migrated from Cisco's 3000 series appliances, the current SSL VPNs a=
re a totally different mindset and about two orders of magnitude more compl=
icated. Have a very good understanding of exactly what problem you're tryin=
g to solve with the product and what kind of policies and requirements you =
have to meet, or it's going to be a mess. I can answer more specific questi=
ons on our experiences and testing off-list.
--
Toivo Voll
University of South Florida
Information Technology Communications
-----Original Message-----
From: Chris Campbell [mailto:Chris.Campbell@nebulassolutions.com]=20
Sent: Friday, March 05, 2010 11:36 AM
To: Dawood Iqbal
Cc: nanog@nanog.org
Subject: Re: Best VPN Appliance
The Juniper SA is by far and away the market leader and in my opinion the b=
est end user experience.
On 5 Mar 2010, at 15:57, Dawood Iqbal wrote:
> Hello All,
>=20
>=20
>=20
> Is it possible to get your ideas on what VPN appliances are good to have =
in
> enterprise network?
>=20
>=20
>=20
> Requirements are;
>=20
> SSL
>=20
> IPSec
>=20
> Client and Web VPN support (Win/MAC/iPhone/Android)
>=20
> If webvpn is used, then when any user connects via webvpn, we should be a=
ble
> to re-direct him to any and ONLY specific application i.e SAP.
>=20
> If 2 boxes are installed then they should replicate data seamlessly.
>=20
>=20
>=20
>=20
>=20
> Regards,
>=20
> dI
>=20
