We are going site to site in our VPN configuration. We already have a
Compatible Systems box that provides VPN for our external employees. I
don't have the time to set up an all-Linux solution as much as I would
like to. I also don't have anyone in our organization in the UK that
could fix/troubleshoot/admin a Linux box(es). I would like to go to the
UK, but I don't think that my boss wants me to be there for an extended
period of time setting up machines. That is why I chose to go with a
Cisco router solution that would perform Routing/Firewalling/VPN all in
one box. Also, since we are getting E1 service to our UK office, and
moving our T1 in our Nashua office both over to Exodus, we wanted to get
hardware that Exodus will help us support. I really want to use a Linux
solution, but for these reasons I cannot.
Thanks,
Josh
Greg Kettmann wrote:
>
> Paul: (hopefully your specific paragraph is properly placed below).
>
> Interoperability in the VPN space is a bit of a misnomer still. It's still a bit
> of the wild wild west with each vendor doing their own thing. The security
> standards are open and published but which one is in use is up to each vendor.
>
> One of the larger questions is the clients you must support. If it's all Windows
> you have many choices. VPN is built into CheckPoint and I think Raptor as well.
> I personally do not recommend putting the function on your firewall. Nortel has a
> nice offering but I don't know if they have a Linux client. AT+T has an offering
> where they take care of the whole thing, again I don't know about Linux clients.
> I use Aventail. I know they're working on a Linux client but I haven't seen it
> yet.
>
> The Linux based commercial solutions sound great to me but you're correct that
> they will require a bit more setup (that is, they are not a purchased, turnkey
> solution). They appeal strongly to me because they will have Linux clients.
>
> One final thought. You said you were going site to site and not site to
> workstation. In that case you will want a VPN server on each end that will talk
> to each other. This can be done seamlessly to the user but allow secure data
> transport over the net.
>
> GGK
>
> > Well, the commercial offerings, though perhaps more costly up front, will save
> > you a tremendous amount of time. They've already done all the
> > interoperability testing to ensure that their product works with all the
> > systems that you need it to work with. That alone is a significant time sink,
> > and may well be time you don't have. Additionally, if something doesn't work
> > as advertised, these companies usually have Engineers that are available to
> > come on site and work things through with you so you don't sit there spinning
> > your wheels.
>
> **********************************************************
> To unsubscribe from this list, send mail to
> [EMAIL PROTECTED] with the following text in the
> *body* (*not* the subject line) of the letter:
> unsubscribe gnhlug
> **********************************************************