+1 or Sonicwall Golbal VPN. Either way, I'd go hardware and away from Microsoft.
-- Espi On Mon, Nov 13, 2017 at 6:04 PM, Don Ely <[email protected]> wrote: > Why can't Global Protect achieve all of your needs? Did I miss some > requirement they can't meet? > > On Mon, Nov 13, 2017 at 5:25 PM Kurt Buff <[email protected]> wrote: > >> Arg - that should be "seeking commercial services".. >> >> And, once I bring recommendations, it might well be that we just fall >> back to a DirectAccess server in each office, with our without a >> multi-site configuration, potentially with an SSP VPN appliance also >> at each office for backup and contractors, and call it good. >> >> Kurt >> >> On Mon, Nov 13, 2017 at 5:03 PM, Kurt Buff <[email protected]> wrote: >> > I'm not sure either, but that's the task I've been given - not >> > necessarily to implement at this stage, but to scope out the >> > alternatives and come up with some possibilities. >> > >> > It's also why I'm seeing recommendations on commercial services, so >> > that our implementation requirements are minimized. >> > >> > Kurt >> > >> > On Mon, Nov 13, 2017 at 4:38 PM, Joseph L. Casale >> > <[email protected]> wrote: >> >> I've done a lot of openvpn setups in a myriad of formats, site to >> site, hub and spoke, client etc. >> >> It works well and there are even some lesser documented features that >> do some neat stuff but you are now rolling your solution and marinating it >> manually. >> >> Not sure how well that will scale unless you have a skilled team. >> >> >> >>> -----Original Message----- >> >>> From: [email protected] >> >>> [mailto:[email protected]] On Behalf Of Kurt Buff >> >>> Sent: Monday, November 13, 2017 5:22 PM >> >>> To: ntsysadm <[email protected]> >> >>> Subject: [NTSysADM] Looking for a global VPN solution - looking for >> input >> >>> >> >>> All, >> >>> >> >>> 1) For staff, currently we're using DirectAccess on 2012R2 as our >> >>> primary conduit in the US, with SSL VPNs (SonicWall and Palo Alto >> >>> Global Protect) as primary for our overseas offices and secondary for >> >>> the US (Sonicwall). >> >>> >> >>> 2) In the US office, we also have contractors/consultants needing to >> >>> use our SSL VPN for access to various resources, and that will likely >> >>> expand to our overseas offices soon. Differentiation and securing >> >>> resources is even more important here than in 1). >> >>> >> >>> 3) We also stand up IPSec tunnels for vendors/partners as needed (lab >> >>> to lab), for interoperability/compatibility testing. >> >>> >> >>> We're looking to get into a solution that will take care of at least >> >>> the first two (and ideally the third as well), so that we don't have >> >>> so many platforms to support, and so that we can make sure that staff >> >>> in the field get the fasted connection available. >> >>> >> >>> I've taken a quick gander at the websites for vyprvpn (Golden Frog), >> >>> and OpenVPN (commercial client offering), but don't have much of an >> >>> opinion on them, as info about them is a bit thin. >> >>> >> >>> Anyone have experience with solutions like this, and care to comment? >> >>> >> >>> Thanks, >> >>> >> >>> Kurt >> >>> >> >> >> >> >>
