FW: [vpn] Review of 13 VPN products

Tim Slighter timslighter at home.com
Wed Oct 3 16:32:43 EDT 2001


I believe what they may have been referring to is that only one ISAKMP can
be matched against the outside interface at one single point in time.

-----Original Message-----
From: Dana J. Dawson [mailto:djdawso at qwest.com]
Sent: Wednesday, October 03, 2001 12:04 PM
To: Joel Snyder
Cc: vpn at securityfocus.com
Subject: Re: [vpn] Review of 13 VPN products


Joel Snyder wrote:
>
> Folks:
>
> In case you hadn't seen it, Network World just published a review I did
> of 13 different VPN products, focusing on site-to-site and enterprise
applications:
>
> http://www.nwfusion.com/reviews/2001/1001rev.html
>
> --
> Joel M Snyder, 1404 East Lind Road, Tucson, AZ, 85719
> +1 520 324 0494 x101 (voice)    +1 520 324 0495 (FAX)
> jms at Opus1.COM    http://www.opus1.com/jms    Opus One
> Electronic mail is always the best way to contact me.
>
> VPN is sponsored by SecurityFocus.com

I disagree with the assertion in the article that the Cisco products only
allow
a single IKE policy to be configured.  Both IOS and the PIX allow multiple
isakmp policy clauses, and it's not very hard to figure that out.  If the
people
doing the testing missed something this obvious when configuring the Cisco
gear,
it makes me wonder how much else they might have missed.  Because of this, I
have serious doubts about the credibility of the testers and their results.

Dana

--
Dana J. Dawson                     djdawso at qwest.com
Senior Staff Engineer              CCIE #1937
Qwest Global Services              (612) 664-3364
Qwest Communications               (612) 664-4779 (FAX)
600 Stinson Blvd., Suite 1S
Minneapolis  MN  55413-2620

"Hard is where the money is."

VPN is sponsored by SecurityFocus.com


VPN is sponsored by SecurityFocus.com





More information about the VPN mailing list