I've used a few variations of VPN products and here are some thoughts that might help.
1. Use something that supports "industry-standard" specs such as IPSEC, ISAKMP, etc. In the past I have primarily used Shiva (now Intel) which is REALLY easy to deploy and manage, but is also very proprietary. Now we are switching VPN solutions, and will be forced to redistribute client software (bummer). I believe Intel's new solution is headed more in the direction of industry standard specs, but may not quite be there yet. 2. Consider how your internal Internet connectivity is configured. If you are using NAT for your internal users to get to the Internet, and are going to try to run VPN through a NAT'd address, you have a problem. Industry standard VPN (IPSEC) uses TCP, and does not play well with NAT (because of the port # switching, etc). There is currently a big discussion underway about how to get around this problem, which they claim will be resolved soon. If your VPN solution uses UDP, such as Shiva does (or did until Intel dropped the product recently), you can get away with NAT because you are using UDP. There was a good article in last month's edition of "Information Security Magazine" that explained it much better than I could hope to. Anyway, hope that helps. Since my company is also looking into replacing our VPN solution, I'd be glad to work together with you and compare notes as we go along through the process. So drop me an email if you are interested. Best Of Luck, Brian Wilkins CNE / MCSE / CCNP khramov wrote: > > Does anyone have any recomendations on VPN producs? Links to > articles > and personal experience woudl be great. > As far as know Cisco VPN concentrators, Check Point, and Nokia > rules the > market. What is your opinion on that. > > Thanks, > Alex > > [GroupStudy.com removed an attachment of type text/x-vcard > which had a name of khramov.vcf] > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=24420&t=24231 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
