Security Basics mailing list archives
Re: SSL VPN
From: Security <security () davidswafford com>
Date: Tue, 15 Jan 2008 21:57:25 -0500
Based on the amount of growth you have upcoming, have you considered putting VPN services on a separate box and let your firewall be dedicated to being just a firewall? We currently run a pair of PIXs as our external firewall and have a Cisco VPN 3060 Concentrator for vpn. Though if you are looking to buy now, the VPN 3000 series from Cisco is being EOL'd soon. We are replacing the PIX/3060 setup with 4 ASA 5520s in the next few months, a pair for VPN and a pair for Firewall services. For the record, we on usually have about 100-120 concurrent VPN sessions, about 80-90 of that are remote users.
David. On Jan 15, 2008, at 10:16 AM, Kartik wrote:
Hi List, Currently we have 100+ home users who connect to our VPN gateway (IPSEC) and access the resources. As the business is growing, within a couple of months we'll be having more than 300 users operating from home. Management asked us to give them a "cost effective" solution to migrate the existing home users to "SSL VPN" so that there won't be any requirement of installing the software client etc (keeping in mind that the associates working from home will be growing) and it will be more secure. We also have a Cisco ASA as a perimeter firewall on our network on which we can configure the SSL VPN but cpu utilization on the ASA is somewhere near 40%. I would like to know the cost effective way to implement the same. I would also like to know the products in the market which supports SSL VPN or shall we go ahead and implement SSL VPN on our existing ASA firewall? Will it consume a lot of cpu utilization on it? -- Thanx, Kartik www.hcl.in +1 408 416 2089 X 5313 +91 9810998169
Current thread:
- RE: SSL VPN, (continued)
- RE: SSL VPN m.farid.shawara (Jan 21)
- Re: SSL VPN Tremaine Lea (Jan 15)
- Re: SSL VPN Jason Thompson (Jan 15)
- RE: SSL VPN Alex (Jan 15)
- Re: SSL VPN Ivan . (Jan 16)
- Re: SSL VPN mgk.mailing (Jan 17)
- Re: SSL VPN Edy Lie (Jan 17)
- Re: SSL VPN Jason Thompson (Jan 15)
- Re: SSL VPN Andrea Gatta (Jan 15)
- Re: SSL VPN Kurt Buff (Jan 15)
- Re: SSL VPN Rodrigo Blanco (Jan 15)
- Re: SSL VPN Security (Jan 16)
- Re: SSL VPN Chad Loder (Jan 16)
- Re: SSL VPN Ivan . (Jan 17)
- Re: SSL VPN Chad Loder (Jan 17)
- Re: SSL VPN Bryan S. Sampsel (Jan 17)
- Re: SSL VPN Jurgen Vermeulen (Jan 18)
- Re: SSL VPN Patrick Beam (Jan 21)
- Re: SSL VPN c0unter14 (Jan 21)
- Re: SSL VPN Ivan . (Jan 17)