I've not used anything other than Cisco personally. Within that, I've only used routers and PIX firewalls- no Concentrators. But i've run the gamut of PIXes (515's, 520's, 525's) and routers (everthing from a 2500 series to a 7500 series). I also run Client VPNs from my 525-pair head-ends.

I use AES-256 unless the device doens't have enough memory to support a newer IOS image. In the latter case i use 3DES. I normally use SHA for the hashing.

Since I've never used a Concetrator from Cisco, I can only speak to PIXes and routers. I tend to prefer working with the PIXes, but I would agree w/ most people and say the routers are a little less tempremental and easier to work with on the remote nodes.

All of the Cisco solutions are extremely scalable imho.

I've only run Linux VPNs in a lab setting, so I wouldn't feel comfortable giving advice out re: that avenue.

All in all, it really comes down to what you want, what you want to pay, and how much work you're willing to throw at your VPN solution. How conversant are you with Cisco? How conversant with Linux? How much time do you have to prototype your solution and implement? How much $$$ is budgeted? Lastly, who is responsible for maintenance (and ask them the 'conversant' questions).

I would never write one is better than the other...but I'm sure one solution will fit your needs more adequately than another.

Hope that helps...

Cheers,
<0