Q: Hardware VPN Solutions

James Deal james__deal at HOTMAIL.COM
Mon Mar 20 13:35:03 EST 2000 

In addition to being OS independent, a hardware VPN solution also simplifies
the configuration of the remote client.  Theoretically, it could use the
same configuration as an internal system.

Software based VPNs are also vulnerable to being inadvertantly (or
intentionally) compromised by the user.  We are also want to remove the
ability of the user to turn off the VPN.

The Personal Ravlin seems to be the only product of it's kind.  Our two
greatest concerns were the price ($500 in quantity is still 20-100 times as
expensive as the software solution) and the certificates it uses.  Only
Netscape certificates are currently supported.  However, Verisign support
will be in a forthcoming firmware update.

I would be interested to hear more about what you didn't like about Red
Creek's solution, since that's currently what we are considering.

James

>From: Chris Carlson <carlsonmail at YAHOO.COM>
>Reply-To: Chris Carlson <carlsonmail at YAHOO.COM>
>To: VPN at SECURITYFOCUS.COM
>Subject: Re: Q: Hardware VPN Solutions
>Date: Wed, 15 Mar 2000 12:04:34 -0800
>
>There's a few that I'm aware of, but probably much
>more.
>
>I agree with you that sometimes hardware VPN devices
>on cable and/or DSL links address a lot of the
>end-user manageability of VPN client software.  Plus,
>hardware devices can support non-Windows machines,
>whereas most VPN client vendors *only* work on
>Windows.
>
>RedCreek (www.redcreek.com) has a hardware unit called
>Personal Ravlin, but of course you gotta use it with
>their Ravlin system.  I think it's about $500.  I
>wasn't that impressed by RedCreek when I researched
>them a year ago; perhaps they've changed.
>
>CheckPoint has created a company called SofaWare
>(www.sofaware.com) that will put a slim FW/VPN module
>in cable and DSL modems, but it's slideware today.
>
>Yeouch!  That's all I can come up with.  It may be
>possible to find a cable modem that has VPN code on
>it, but I don't know of any.
>
>You also don't have to roll out an IPSec or PPTP VPN.
>How about SOCKS?  How about thin client?  How about
>SSL Web apps?
>
>Hope this helps,
>Chris
>-
>--- "Fiamingo, Frank" <FiamingF at STRSOH.ORG> wrote:
> > I'm looking for comments on the best hardware-based
> > VPN to use (or what not
> > to use).
> > Many of our employees now have cable modem access
> > and would like to connect
> > to
> > our corporate LAN from home.  With the variablity in
> > home machines and
> > user's
> > technical abilities I'd prefer a hardware, rather
> > than a software solution -
> > something to
> > insert between the PC and Cable modem that could be
> > tied to an X.509
> > certificate for
> > authentication at the corporate end.
> >
> > Any suggestions?
> >
> > 	Thanks,
> > 	Frank
> >
> > VPN is sponsored by SecurityFocus.COM
> >
>
>__________________________________________________
>Do You Yahoo!?
>Talk to your friends online with Yahoo! Messenger.
>http://im.yahoo.com
>
>VPN is sponsored by SecurityFocus.COM

______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com

VPN is sponsored by SecurityFocus.COM

More information about the VPN mailing list