Posted: 6/24/2015 1:15:43 PM EDT
|
I'm looking to upgrade our SSL VPN box at the office here. The end users are a few different types, remote desktop, network resource shares, Team Foundation Server access, Microsoft SL access. There are a handful of appliances out there and everyone has an opinion on them. A couple of friends have suggested the Juniper Pulse SA2500, Barracuda has a SSL VPN 480 that looks like it may work as well. Anybody have experience with either unit or another one that you use and like. On a snow day we may have 50 connected users. I don't see us going over 100 concurrent vpn sessions in my time here. Thanks in advance |
| Consider rolling your own vs. investing in proprietary hardware with expensive licensing. I use SoftEther VPN |
|
Quoted:
Consider rolling your own vs. investing in proprietary hardware with expensive licensing. I use SoftEther VPN I never recommend rolling your own for edge devices or concentrstors that are critical. The risk assessment doesn't justify the cost savings or the lack of continuity. OP both are excellent units and will meet your needs. These days I'm partial to Sophos UTMs, and you should check them out. |
|
Quoted: Cisco ASA + AnyConnect client. Also consider adding two factor auth for all remote access. ASA 5508-X Max 100 VPN Users ASA 5516-X Max 300 VPN Users Look at Any Connect V4 licenses for VPN you can do subscription so a pay as you grow thing but 100 Licenses is around $60 a year. Anyconnect V4 is now required for PCI compliance from a TLS and SSL support functionality. |
|
Quoted:
Also consider adding two factor auth for all remote access. Quoted:
Quoted:
Cisco ASA + AnyConnect client. This can't be stressed enough. We use two-factor (username/password + certificate) and in some cases three-factor (username/password + certificate + Duo Security). Duo is well worth the money regardless of whether or not you use certificates. |
|
Quoted: This can't be stressed enough. We use two-factor (username/password + certificate) and in some cases three-factor (username/password + certificate + Duo Security). Duo is well worth the money regardless of whether or not you use certificates. Quoted: Quoted: Quoted: Cisco ASA + AnyConnect client. This can't be stressed enough. We use two-factor (username/password + certificate) and in some cases three-factor (username/password + certificate + Duo Security). Duo is well worth the money regardless of whether or not you use certificates. |
|
Quoted:
We use Duo Security as well. I also use it on my personal networks. Its one of the best solutions on the market. Quoted:
Quoted:
Quoted:
Quoted:
Cisco ASA + AnyConnect client. This can't be stressed enough. We use two-factor (username/password + certificate) and in some cases three-factor (username/password + certificate + Duo Security). Duo is well worth the money regardless of whether or not you use certificates. I've started using Duo for CJIS environments, I love it. |