vpn concentrators
Results 1 to 9 of 9

Thread: vpn concentrators

  1. #1
    Senior Member
    Join Date
    Dec 2001
    Posts
    1,193

    Question vpn concentrators

    Ok new thread - KorpDeath, hope you follow this one....

    Does anyone have rec on cisco vpn (3300) vs rsa ace?

    Trappedagainbyperfectlogic.
    Share on Google+

  2. #2
    Senior Member
    Join Date
    Jul 2001
    Posts
    143
    Well, I've worked with the RSA ACE servers, and they seem to do their job very well. I am, however, a big proponent of Cisco's (CCNA,CCNP), so I am certain their offering is probably pretty good as well. I would imagine that price would be the deciding factor for this one, cause both of the products are of good quality.

    So, I guess I recommend the ACE server, just because I've used it before and it works pretty well in a rather large-scale environment.

    Regards,
    Wizeman
    \"It\'s only arrogrance if you can\'t back it up, otherwise it is confidence.\" - Me
    Share on Google+

  3. #3
    Senior Member
    Join Date
    Dec 2001
    Posts
    1,193

    Smile

    Thks Wizeman. - -Did you use 1 2 or 3 lvl auth on your implementation? Currently kicking around 2 lvl but cost is an issue.

    - Also like cisco but for this fitup have no real favorite.
    Trappedagainbyperfectlogic.
    Share on Google+

  4. #4
    Priapistic Monk KorpDeath's Avatar
    Join Date
    Dec 2001
    Posts
    2,628

    HUH?

    Sorry. It's too complicated for me to follow.

    Actually I use the Alcatel VPN product with it's cert server and radius so I can't help. Pretty secure and I've had some attempts. So I'm sticking with it.
    Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
    - Samuel Johnson
    Share on Google+

  5. #5
    Senior Member
    Join Date
    Jan 2002
    Posts
    458
    These are two completely different products. RSA ACE server is used for two-factor authentication using tokens. The Cisco 3000 series is a VPN concentrator, used to terminate VPN tunnels.

    Ideally, you would want to use the Cisco VPN for your VPN users, and point all VPN authentication to a separate ACE server.
    Share on Google+

  6. #6
    Senior Member
    Join Date
    Dec 2001
    Posts
    1,193
    Yeah that's where I'm going iNViCTuS. the rsa part has the vpn component added (actually living on a netra t1). The cisco deal uses a radius. Just wondering what the tradeoffs are.

    Trappedagainbyperfectlogic.
    Share on Google+

  7. #7
    Senior Member
    Join Date
    Jan 2002
    Posts
    458
    Actually RSA ACE can also use radius. RSA just uses a small bit of code (agent) that sits on your normal authentication server, radius, TACACS+, LDAP, etc. When a user tries to authenticate to the system, the ACE agent intercepts the request, and prompts you for it's login. The ACE server then passes the information (either accepted or rejected) back to the authentication server which then grants or denies the users access.

    So again...ACE has nothing to do with VPN other than the fact that it can be used to AUTHENTICATE a VPN user.
    Share on Google+

  8. #8
    Senior Member
    Join Date
    Jul 2001
    Posts
    143
    Actually, Invictus is right. ACE servers are for authentication with these tokens that change their number at a given time interval, and this along with the user's password is used for authentication. As far as I know, it didn't have any VPN capabilites built in. You are going to have to use a VPN terminator to handle the VPN connections.

    Sorry!

    Regards,
    Wizeman
    \"It\'s only arrogrance if you can\'t back it up, otherwise it is confidence.\" - Me
    Share on Google+

  9. #9
    Senior Member
    Join Date
    Dec 2001
    Posts
    1,193

    Unhappy

    Hmmm. (going to sites ref pgs for more info) Ok, need to do more research on this.

    thks all.
    Trappedagainbyperfectlogic.
    Share on Google+

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •