Warning

 

Close

Confirm Action

Are you sure you wish to do this?

Confirm Cancel
BCM
User Panel
bravocompany
primaryArms
aim
jt
fightlite
CA
laRue
Hit
springfield
SDS
skd
RS
delton
troy
vortex
midwest
GS
palmetto
VP
JRH
brownells
magpul
silencerShop
geissele

silencerShop
JRH
RS
jt
Pro2A
ar15com
bravocompany
LAPG
THBRD
blackhills
cmmg
CA
primaryArms
brownells
gray
geissele
fightlite
dsa
LAPG
springfield
palmetto
Faxxon
SAS
bravocompany
cmmg
tnvc
trijicon
bravocompany
Users Online3740 Online
bravocompany missing Hydra
Page General » Urban Commandos
Archived [ARCHIVED THREAD] - SSL VPN appliance
Posted: 6/24/2015 1:15:43 PM EDT
I'm looking to upgrade our SSL VPN box at the office here.



The end users are a few different types, remote desktop, network resource shares, Team Foundation Server access, Microsoft SL access.   There are a handful of appliances out there and everyone has an opinion on them.  A couple of friends have suggested the Juniper Pulse SA2500, Barracuda has a SSL VPN 480 that looks like it may work as well.  Anybody have experience with either unit or another one that you use and like.




On a snow day we may have 50 connected users.  I don't see us going over 100 concurrent vpn sessions in my time here.




Thanks in advance
Link Posted: 6/24/2015 1:39:19 PM EDT
[#1]
Consider rolling your own vs. investing in proprietary hardware with expensive licensing.  I use SoftEther VPN
Link Posted: 6/24/2015 3:13:31 PM EDT
[#2]
Depending on the user counts - Aruba 650/3600/7200 series controllers, Cisco ISRs, Microsoft Direct Access.

Build up your PKI, use EC certs, boom.  Easy IPSEC VPN.

Link Posted: 6/24/2015 11:02:14 PM EDT
[#3]
Discussion ForumsJump to Quoted PostQuote History
Quoted:
Consider rolling your own vs. investing in proprietary hardware with expensive licensing.  I use SoftEther VPN
View Quote

I never recommend rolling your own for edge devices or concentrstors that are critical. The risk assessment doesn't justify the cost savings or the lack of continuity.

OP both are excellent units and will meet your needs. These days I'm partial to Sophos UTMs, and you should check them out.
Link Posted: 6/24/2015 11:02:47 PM EDT
[#4]
Cisco ASA + AnyConnect client.

Link Posted: 6/25/2015 7:24:50 AM EDT
[#5]
Thank you for the feedback gentlemen, I really appreciate it.
Link Posted: 6/25/2015 8:37:51 AM EDT
[#6]



Discussion ForumsJump to Quoted PostQuote History
Quoted:




Cisco ASA + AnyConnect client.
View Quote
+1


 
Also consider adding two factor auth for all remote access.


 



ASA 5508-X Max 100 VPN Users

ASA 5516-X Max 300 VPN Users




Look at Any Connect V4 licenses for VPN you can do subscription so a pay as you grow thing but 100 Licenses is around $60 a year. Anyconnect V4 is now required for PCI compliance from a TLS and SSL support functionality.
Link Posted: 6/25/2015 9:43:38 AM EDT
[#7]
Discussion ForumsJump to Quoted PostQuote History
Quoted:
Also consider adding two factor auth for all remote access.
View Quote View All Quotes
View All Quotes
Discussion ForumsJump to Quoted PostQuote History
Quoted:
Quoted:
Cisco ASA + AnyConnect client.
Also consider adding two factor auth for all remote access.


This can't be stressed enough.  We use two-factor (username/password + certificate) and in some cases three-factor (username/password + certificate + Duo Security).  Duo is well worth the money regardless of whether or not you use certificates.

Link Posted: 6/25/2015 10:30:18 AM EDT
[#8]

Discussion ForumsJump to Quoted PostQuote History
Quoted:
This can't be stressed enough.  We use two-factor (username/password + certificate) and in some cases three-factor (username/password + certificate + Duo Security).  Duo is well worth the money regardless of whether or not you use certificates.
View Quote View All Quotes
View All Quotes
Discussion ForumsJump to Quoted PostQuote History
Quoted:



Quoted:


Quoted:

Cisco ASA + AnyConnect client.
Also consider adding two factor auth for all remote access.





This can't be stressed enough.  We use two-factor (username/password + certificate) and in some cases three-factor (username/password + certificate + Duo Security).  Duo is well worth the money regardless of whether or not you use certificates.
We use Duo Security as well. I also use it on my personal networks. Its one of the best solutions on the market.  

 
Link Posted: 6/25/2015 11:05:02 AM EDT
[#9]
Discussion ForumsJump to Quoted PostQuote History
Quoted:
We use Duo Security as well. I also use it on my personal networks. Its one of the best solutions on the market.    
View Quote View All Quotes
View All Quotes
Discussion ForumsJump to Quoted PostQuote History
Quoted:
Quoted:
Quoted:
Quoted:
Cisco ASA + AnyConnect client.
Also consider adding two factor auth for all remote access.


This can't be stressed enough.  We use two-factor (username/password + certificate) and in some cases three-factor (username/password + certificate + Duo Security).  Duo is well worth the money regardless of whether or not you use certificates.
We use Duo Security as well. I also use it on my personal networks. Its one of the best solutions on the market.    

I've started using Duo for CJIS environments,  I love it.
Archived [ARCHIVED THREAD] - SSL VPN appliance
Page General » Urban Commandos
Close Join Our Mail List to Stay Up To Date! Win a FREE Membership!

Sign up for the ARFCOM weekly newsletter and be entered to win a free ARFCOM membership. One new winner* is announced every week!

You will receive an email every Friday morning featuring the latest chatter from the hottest topics, breaking news surrounding legislation, as well as exclusive deals only available to ARFCOM email subscribers.


By signing up you agree to our User Agreement. *Must have a registered ARFCOM account to win.
SAS
primaryArms
LAPG
blackhills
RS
springfield
JRH
THBRD
LAPG
ar15com
cmmg
palmetto
Faxxon
geissele
brownells
bravocompany
silencerShop
fightlite
CA
gray
dsa
jt
Pro2A
missing
AR-15 AK-47 Handgun Precision Rifles Armory Training Competitive Shooting General Outdoors Archery Hometown Industry

About AR15.COM

Become an AR15.COM Team Member

AR15.COM is the world's largest firearm community and is a gathering place for firearm enthusiasts of all types.

From hunters and military members, to competition shooters and general firearm enthusiasts, we welcome anyone who values and respects the way of the firearm.

Stay Connected

AR15.COM Facebook AR15.COM Twitter AR15.COM YouTube AR15.COM Instagram
Pepperjam Verification

Newsletter

Subscribe to our monthly Newsletter to receive firearm news, product discounts from your favorite Industry Partners, and more.

Contact Us

Advertising
[email protected]
General
[email protected]

Copyright © 1996-2024 AR15.COM LLC. All Rights Reserved.
Any use of this content without express written consent is prohibited.

AR15.Com reserves the right to overwrite or replace any affiliate, commercial, or monetizable links, posted by users, with our own.

Advertising Memberships ARFCOM Shop Gear Deals Virtual Weapon Build Discussion Forums Help Privacy DMCA About Your Privacy Choices California Consumer Privacy Act (CCPA) Opt-Out Icon   Goat Signal
** When you click on links to various merchants on this site and make a purchase, this can result in this site earning a commission. Affiliate programs include, but are not limited to, the eBay Partner Network and Amazon.
Top Top