[VPN] Universal VPN client

Bill Yazji byazji at psualum.com
Sat Jul 17 10:03:43 EDT 2004 

Boy, that wasn't a shameless plug - jeez..... :)
 
 I hope Juniper has some good stuff coming out, all of the trade rags
haven't been too friendly to their products in the past. Most of your mags
are pushing Aventail right now (which I've had positive experiences with).
As for SSL VPN - the market is still to infantile..... I personally have
tested boxes from multiple vendors, and each one seemed to be missing key
features that are required for an enterprise deployment.  Some vendors
choose to focus on management, but not feature set - others, the opposite.
Tons of features, but it was an admin nightmare.
 
Besides, SSL VPN vs. IPSec - no comparison for security.  IPSec wins hands
down.  There are too many hijacks out there that can easily grab your SSL
credentials, making SSL authentication unsafe.  All of your problems you
list below about NAT traversal problems, proxy conflicts, blah blah - can
all be easily rectified if using the right technology.  I deployed a 17,000
user IPSec VPN solution for the company I work for.  There were hurdles, but
it was because we were on the bleeding edge 2 years ago, now - it's a cake
walk..
 
If you read any Gartner or Burton article, they are ALL saying that there is
no "one size fits all" architecture... the smart IT manager will deploy both
- SSL and IPSec to the right user groups.  
 
 
~Bill

  _____  

From: vpn-bounces+byazji=psualum.com at lists.shmoo.com
[mailto:vpn-bounces+byazji=psualum.com at lists.shmoo.com] On Behalf Of Doug
Dooley
Sent: Friday, July 16, 2004 3:32 AM
To: Jas Chase; vpn at lists.shmoo.com
Subject: RE: [VPN] Universal VPN client



Just curious – why would you want to deal with the headaches of full client
software configuration + management, all the various NAT traversal problems,
and Proxy conflict issues associated with legacy Layer 3 tunneling clients
(L2TP, PPTP, IPSec)?

 

SSL VPN devices provide “anytime anywhere” access in three forms:

-          Pure clientless (web-based) – Internet café, kiosk, PDA, cell
phone, anything with a first-class SSL enabled browser

-          Semi clientless (client/server app support) via Java Applet or
ActiveX/Win32

-          Full Layer 3 access (windows network adapter over SSL)

 

No client software installation/configuration/management, No NAT traversal
problems, No proxy conflicts.

Sorry for the pitch but just thinking - right tool for the right job?

 

Maybe I’m missing something?

 

If cap-ex cost of the appliance is the issue, there are cost-effective
choices out there.

Just wait a couple of weeks when Juniper announces an extremely cost
effective SSL VPN appliance that will resonant with those price-sensitive
folks.

 

Your thoughts


 

Doug Dooley
Security Products Group
Technical Marketing, Manager


  _____  

From: vpn-bounces+ddooley=juniper.net at lists.shmoo.com
[mailto:vpn-bounces+ddooley=juniper.net at lists.shmoo.com] On Behalf Of Jas
Chase
Sent: Thursday, July 08, 2004 10:16 AM
To: vpn at lists.shmoo.com
Subject: [VPN] Universal VPN client

 

Hi All, 

Just wanted to know whether there is a universal VPN client for Windows that
supports IPSEC, PPTP, L2TP. My reason for asking this is because I do not
want to install proprietary Netscreen Client software on my laptop but
instead a universal client. Any help would be greatly appreciated. Thanks.

Sincerely, 
Jas Chase 
K-Swiss MIS 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/vpn/attachments/20040717/c885fb8b/attachment.htm 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 2825 bytes
Desc: not available
Url : http://lists.shmoo.com/pipermail/vpn/attachments/20040717/c885fb8b/attachment.jpeg

More information about the VPN mailing list