I assume you're talking about remote access solutions as opposed to network
to network ...
You should also factor in the cost of managing the solution you pick, and
also the security of the solution. We ended up choosing Nortel's Contivity
box for this reason. The users find it really easy to use (the client
software fits on a floppy and can be pre-configured), which means that we
save a lot of time (time is money, right?) supporting the users. When they
were using SecuRemote, we'd get calls all the time. Now that they're using
Nortel, we have virtually no troubleshooting after the initial setup (and we
usually don't even need to get involved with that). Another feature that
saves headaches is the ability to set policies for the clients. You can
prevent them from saving their password in the client software, and other
features. This remote management of the client software is really great.
Contivity is also more secure than VPNet, SecuRemote, and many other
solutions we looked at. The reason is that when someone is running the
Contivity client, all incoming Internet traffic can be blocked -- all
incoming and outgoing traffic go through your firewall. They also allow
split tunneling, which is where outgoing traffic (from the client) goes
through their regular Internet connection, but incoming traffic still goes
through the VPN.
The only downsides to the low-end Contivity solutions are the initial price
(more than some VPN solutions), and the speed. However, since it requires
less management, it costs us less in the long run. And since most of the
users are connecting from home, high-speed encryption isn't as much of a
factor as a LAN to LAN connection would be (we're looking at other solutions
for that, including VPNet and Xedia).
Jen
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
