Sign in with
Sign up | Sign in
Your question

Need Quick Reply to Previous Post!

Last response: in Networking
Share
Anonymous
April 22, 2004 11:47:13 PM

Archived from groups: comp.dcom.vpn (More info?)

Justin:

I sell VPN firewalls, so I'll try to at least get you started. It
would help a lot if you were more specific about what features you
need/want.

From the sounds of it, you can definitely get away with something much
cheaper than $1,000 dollars for your needs. Much cheaper. (You're
talking Canadian dollars, right?)

Ciscos are good, but no one every accuses them of being inexpensive.
If you don't need your setup to support other Cisco equipment, I'd say
go with something mid- or low-priced. Generally, Cisco is for experts
or people who are willing to hire an expert.

What kind of bandwidth are you hoping for? Will you be connecting
via VPN frequently?
How many computers are there exactly? Will that number grow?
How many tunnels at a time will you need, just one? Do you anticipate
anyone else using the connection at the same time for VPN usage?

Is reliability important? How important?
Do you want good firewall features?
Good logging featuers?
Is ease of use really important? (It helps if you don't know much
about ipsec)
How about content filtering?

If you want to stay on the low end, most people consider Netgear,
DLink and Linksys a few others. I'm not big fans of any of these
brands. I find there are too many compatibility issues and bugs.
Check to see which of these includes free or unlimited tech. support.
Not all of them do. Moreover, for some of the brands, support is
terrible.

On the mid-end, you get to Zyxel, Netscreen, and Sonicwall.
All 3 of these are reasonably easy to use. I believe the 1st and the
3rd are the easiest to configure of the three, though I know I'll
get flamed for saying so.

Consider which vpn client software you're going to use. The windows
Ipsec client is free, but it's a b**ch to set up, even for pros.
There are some free versions of SSH Sentinel floating around. There
also a couple other free vpn clients floating around on the net.
I like Sentinel because it is fairly easy to set up, and works well
for most people. As of version 1.4, it is a paid product, as it was
bought out by Safenet Inc.

Need more info? Consider taking a gander through this guide:
The ICSA Guide to Purchasing a Firewall
http://www.truesecure.com/knowledge/resource/wp_buyers_...
ICSA is actually a corporate organization, but they are a fairly
objective source which reviews and certifies network harddware, (kind
of like UL reviews and certifies electronics in the US).

The truesecure (icsa) website also includes generic interconnectivity
info, so you can check which equipment/software works with which
other equip/vpn software.

Let us know if you have more questions.


Brad Karal
b-karalDoNOTspaMPleaSE@rogers.com


Remove extra characters in e-mail address to reply via e-mail.





On 21 Apr 2004 16:02:40 -0700, justin_c@shaw.ca (Justin C.) wrote:

>I need a quick reply somebody please reply quickly
>
>http://groups.google.com/groups?dq=&hl=en&lr=&ie=UTF-8&...
Anonymous
April 23, 2004 1:29:28 AM

Archived from groups: comp.dcom.vpn (More info?)

David Green <wouldnt@youliketoknow.com> wrote in message news:<037g80dkc5spjrk84q1sl64ev3s4md9mbi@4ax.com>...
> Justin:
>
> I sell VPN firewalls, so I'll try to at least get you started. It
> would help a lot if you were more specific about what features you
> need/want.
>
> From the sounds of it, you can definitely get away with something much
> cheaper than $1,000 dollars for your needs. Much cheaper. (You're
> talking Canadian dollars, right?)
>
> Ciscos are good, but no one every accuses them of being inexpensive.
> If you don't need your setup to support other Cisco equipment, I'd say
> go with something mid- or low-priced. Generally, Cisco is for experts
> or people who are willing to hire an expert.
>
> What kind of bandwidth are you hoping for? Will you be connecting
> via VPN frequently?
> How many computers are there exactly? Will that number grow?
> How many tunnels at a time will you need, just one? Do you anticipate
> anyone else using the connection at the same time for VPN usage?
>
> Is reliability important? How important?
> Do you want good firewall features?
> Good logging featuers?
> Is ease of use really important? (It helps if you don't know much
> about ipsec)
> How about content filtering?
>
> If you want to stay on the low end, most people consider Netgear,
> DLink and Linksys a few others. I'm not big fans of any of these
> brands. I find there are too many compatibility issues and bugs.
> Check to see which of these includes free or unlimited tech. support.
> Not all of them do. Moreover, for some of the brands, support is
> terrible.
>
> On the mid-end, you get to Zyxel, Netscreen, and Sonicwall.
> All 3 of these are reasonably easy to use. I believe the 1st and the
> 3rd are the easiest to configure of the three, though I know I'll
> get flamed for saying so.
>
> Consider which vpn client software you're going to use. The windows
> Ipsec client is free, but it's a b**ch to set up, even for pros.
> There are some free versions of SSH Sentinel floating around. There
> also a couple other free vpn clients floating around on the net.
> I like Sentinel because it is fairly easy to set up, and works well
> for most people. As of version 1.4, it is a paid product, as it was
> bought out by Safenet Inc.
>
> Need more info? Consider taking a gander through this guide:
> The ICSA Guide to Purchasing a Firewall
> http://www.truesecure.com/knowledge/resource/wp_buyers_...
> ICSA is actually a corporate organization, but they are a fairly
> objective source which reviews and certifies network harddware, (kind
> of like UL reviews and certifies electronics in the US).
>
> The truesecure (icsa) website also includes generic interconnectivity
> info, so you can check which equipment/software works with which
> other equip/vpn software.
>
> Let us know if you have more questions.
>
>
> Brad Karal
> b-karalDoNOTspaMPleaSE@rogers.com
>
>
> Remove extra characters in e-mail address to reply via e-mail.
>
>
>
>
>
> On 21 Apr 2004 16:02:40 -0700, justin_c@shaw.ca (Justin C.) wrote:
>
> >I need a quick reply somebody please reply quickly
> >
> >http://groups.google.com/groups?dq=&hl=en&lr=&ie=UTF-8&...


I'm probably gonna connect about maybe 2-4 computers VPN. I'm
considering the Cisco PIX 501 wiht the integrated 4 port switch. Do
you think, in your opinion, that it's a good choice? I need IPSec,
high-end firewall with IDS, and probably like 10 tunnels/user
licenses. And also maybe about like umm... 3-6 mbps througput
depending on encryption. I'm a security geek so don't blame me. Feel
free to post recommendations.

The ones I'm looking at:

Cisco PIX-501 Bundle with 10 Licenses
Sonicwall TZ 170 10 Node
Snapgear SME550 Unlimited Licenses
ZyXEL 10 II 10 Licenses
ZyXel 30 W 30 Licenses

How would these pieces of hardware fit in my network?

Wall Plug > Modem > VPN Device with Switch and DHCP > Computers 1 2 3
4 5 etc. ?

Wall Plug > Modem > VPN Device w/o Switch and DHCP (1 port WAN 1 port
out/LAN) > Linksys BEFSR81 router > Computers 1 2 3 4 5 etc. ?

And finally, where should I buy all this? Gimme some advertising if
you want Green :D 

Thanks for all your help and I'm a security nerd - using all this for
SOHO needs LOL
!