Very good, I like it.
There's also another very big difference, from where I sit as a consultant. A
Business to Business connection usually has higher demands on capacity and reliability
and thus the customer is more willing to pay for it, and for support. The solutions
to the desktop are usually not as mission critical or are being used to validate the
technology and so a bit less critical and probably not as well funded.
So far the following vendor's or products have been mentioned:
http://www.freeswan.org/
http://www.compatible.com/ (Intraport)
http://www.uac.com/
With that in mind I need to qualify my original question. There are VPN servers and
VPN clients. B2B generally implies two servers so compatibility is not an issue. On
the Business to Desktop compatibility is an issue. Regardless of the server the
question involves the client code. Aventail and Nortel Contivity are both nice
productes but neither supports a Linux client (as far as I know). Also, it's usually
pretty safe to say that any VPN server should have Windows client code.
So, I have the following questions about the above products.
I assume all of the above (I've looked through the sites but not extensively) are
servers.
Do they have Windows and Linux clients?
Are they software (which we install) or prebuilt products? (UAC and Intraport seem to
be HW while freeswan seems to be software)
How are these products supported? (I would assume freeswan is a newsgroup type of
support while the other two, as hardware products, would have standard support
offerings).
Any comments are welcome. At first blush it sounds like I'd like to install Freeswan
at home to play with. I don't think I see any officially supported (IE a phone
number) Linux VPN Server packages but there are at least two Linux based hardware
packages (IntraPort and UAC).
TIA, GGK
"Kenneth E. Lussier" wrote:
> Karl,
> The reason that I bought up the distinction of business-to-business and
> business-to-desktop was basically a matter of deployment. A B-to-B solution
> is usually a pipe from one offices LAN to another, creating a VLAN
> connection. A B-to-D solution is usually deployed so that
> employees/customer/vendors can remotly access the companies LAN from their
> home or on the road. In the B-to-B case, you have a setup similar to :
> LAN ----> VPN SERVER ---->FIREWALL ------> INTERNET -----> FIREWALL
> ------>VPN SERVER -----> LAN
> It is basically a pipe through which all traffic flows. The VPN/Free S/wan
> box on one side only talks to the VPN box/Free S/wan on the other side.
> This sort of solution is usually deployed to allow several clients to
> connect directly to resources on the other network without the use of VPN
> client software loaded onto every system on the LAN.
> A B-to-D solution looks like this:
> VPN CLIENT -----> INTERNET -----> FIREWALL -----> VPN SERVER -----> LAN
> Although this is similar, the difference is that the VPN Client represents
> a single PC with special software that allows it to connect to the VPN
> Server. Also, there are usually other systems involved in a B-TO-D
> solution, such as a RADIUS server, Authentication server, and
> accounting/logging server, depending on your particular needs. These things
> are not required in all situations, and depending on the products you
> choose, some VPN switches can do all of this stuff nativly. Also, in both
> diagrams, the VPN servers can be on either side of the firewall, depending
> on the firewall and security measures.
> Hope this helps a little bit. I'm better at answering specific question
> than I am at general over views. I'd make a lousey teacher !;-)
> Kenny
>
> >At 10:59 AM 3/3/00 -0800, you wrote:
> >>
> >>Hi Ken,
> >>
> >>Could you and/or Brice define a bit more and elaborate on the sorts of
> >>different issues that exist for "business-to-business" and
> >>"desktop-to-business" VPN's?
> >>(please try to limit issues to *Linux* VPN software if possible)
> >>
> >>I'm such an old-time/bone-head Unix user, if I see that "Free S/WAN"
> >>is a solution (and GPL'd at that) to connect a Home (or SOHO) LAN to
> >>a business LAN, I say: "Well, just use it on 1 machine, and there's
> >>your 'desktop-to-business' solution" ;-)
> >>
> >>Feel free to email just me rather than the list if you feel I'm taking
> >>this thread down a rat-hole!
> >>
> >>
> >>Karl Runge
> >>
> >>
> >>On Fri, 03 Mar 2000, "Kenneth E. Lussier" <[EMAIL PROTECTED]> wrote:
> >>> Karl,
> >>> I wasn't trying to say that either. I was just pointing out that Free
> >>> S/wan is GREAT for business-to-businnes, but it is lacking in the
> >>> desktop-to-business area. The IntraPort is great for desktop-to-business,
> >>> but I honestly don't know how good it is for b-to-b, since I have never
> >>> used it for that. There is also the PN7 by Unified Access Communications
> >>> (http://www.uac.com). I think most VPN's do IPSec at this point. I like
> the
> >>> idea of the home-grown solutions. I've actually been working on some stuff
> >>> of my own in my spare time.
> >>> Kenny
> >>> At 07:31 AM 3/3/00 -0800, Karl J. Runge wrote:
> >>
> >>
> >>**********************************************************
> >>To unsubscribe from this list, send mail to
> >>[EMAIL PROTECTED] with the following text in the
> >>*body* (*not* the subject line) of the letter:
> >>unsubscribe gnhlug
> >>**********************************************************
> >>
>
> **********************************************************
> To unsubscribe from this list, send mail to
> [EMAIL PROTECTED] with the following text in the
> *body* (*not* the subject line) of the letter:
> unsubscribe gnhlug
> **********************************************************
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
