Seconded on OpenVPN for small deployments at least. Not sure the tools are there to really scale it to a large userbase, but i may be wrong. My experience was using it standalone or within PFsense
On Oct 19, 2010, at 8:43 PM, Jack Daniel <[email protected]> wrote: > First you must define what kind of SSL VPN you are talking about, for > example there's a huge difference between OpenVPN and the web > re-writing portals. Things like SSL strip may or may not be a factor > depending on the choice. > > I am a huge OpenVPN fanbois, and have been for years. > > Jack > > > On 10/19/10, Michael Douglas <[email protected]> wrote: >> Hey all, >> >> I'm trying to determine what protocols should be permitted on a new >> VPN concentrator. >> >> I'd like to stick with IPSec, it's tried and true, and to quote Garth: >> "We fear change". However, it seems that all the vendors are going >> down the SSL route. Now I know SSL is 'safe', but it seems like it's >> more open to attacks like SSLStrip (thanks again Moxie for making us >> aware of the problems!) I get that SSL is easier for administrators >> and end users alike, but is that convenience at too high a cost? >> >> So what are your thoughts? Am I being too paranoid? If there are >> articles or places where I should RTFM, that's cool... I just need to >> know what FM to read!! Please send the links/info ;-) >> >> >> Thanks for your input, and have a nice day! >> - Mick >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > > -- > Sent from my mobile device > > ______________________________________ > Jack Daniel, Reluctant CISSP > http://twitter.com/jack_daniel > http://www.linkedin.com/in/jackadaniel > http://blog.uncommonsensesecurity.com > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
