Re: Cisco VPN concentrator Replacement Recommendation Needed

[Russ Leathe <Russ.Leathe () GORDON EDU>]

Hi Schilling,

 

We have been using the Juniper SA4000 for over a year now.   Not having
to deal with a client install has been nice.  The role mapping is
great...especially for our vendors...they authenticate and immediately
connect to their mapped drive or application automatically. 

 

 We have notice a rise in the number of remote users over the past six
months (mainly due to our new ERP system).  Typically, requests come in
for VPN access  at the last minute (most of the time while they are on a
plane heading to their destination).  It's been great that we can
accommodate our users even though they don't always plan ahead.  :^)

 

We authenticate using LDAP via MS AD. Local users can be created as
well, if needed.  We use the local user feature for temporary access
(less than a week).

 

Hope this helps,

 

Russ

 

 

 

 

 

From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of schilling
Sent: Monday, March 24, 2008 10:58 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Cisco VPN concentrator Replacement Recommendation
Needed

 

Hi all,

We are considering replacing our current VPN concentrator since it's
EOL. Now our main consideration is either Cisco ASA5520/ASA5540 or
Juniper  SA2000/SA4000. Our Core network is Cisco centric for now, the
VPN is primarily IPSec remote access with few  site-to-site tunnels. We
would like to use SSL VPN for the future. We did some evaluation last
year on Juniper SA2000, it's really impressive in terms of  Role Mapping
with LDAP authentication(We have campus wide iPlanet LDAP
infrastructure).  Would you kindly share your thoughts on the VPN
solutions?

Thanks.

Sincerely,

Schilling