-
January 14th, 2002, 02:42 PM
#1
vpn concentrators
Ok new thread - KorpDeath, hope you follow this one....
Does anyone have rec on cisco vpn (3300) vs rsa ace?
Trappedagainbyperfectlogic.
-
January 14th, 2002, 03:25 PM
#2
Well, I've worked with the RSA ACE servers, and they seem to do their job very well. I am, however, a big proponent of Cisco's (CCNA,CCNP), so I am certain their offering is probably pretty good as well. I would imagine that price would be the deciding factor for this one, cause both of the products are of good quality.
So, I guess I recommend the ACE server, just because I've used it before and it works pretty well in a rather large-scale environment.
Regards,
Wizeman
\"It\'s only arrogrance if you can\'t back it up, otherwise it is confidence.\" - Me
-
January 14th, 2002, 07:24 PM
#3
Thks Wizeman. - -Did you use 1 2 or 3 lvl auth on your implementation? Currently kicking around 2 lvl but cost is an issue.
- Also like cisco but for this fitup have no real favorite.
Trappedagainbyperfectlogic.
-
January 14th, 2002, 07:32 PM
#4
HUH?
Sorry. It's too complicated for me to follow.
Actually I use the Alcatel VPN product with it's cert server and radius so I can't help. Pretty secure and I've had some attempts. So I'm sticking with it.
Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
- Samuel Johnson
-
January 14th, 2002, 09:30 PM
#5
These are two completely different products. RSA ACE server is used for two-factor authentication using tokens. The Cisco 3000 series is a VPN concentrator, used to terminate VPN tunnels.
Ideally, you would want to use the Cisco VPN for your VPN users, and point all VPN authentication to a separate ACE server.
-
January 14th, 2002, 09:44 PM
#6
Yeah that's where I'm going iNViCTuS. the rsa part has the vpn component added (actually living on a netra t1). The cisco deal uses a radius. Just wondering what the tradeoffs are.
Trappedagainbyperfectlogic.
-
January 14th, 2002, 10:09 PM
#7
Actually RSA ACE can also use radius. RSA just uses a small bit of code (agent) that sits on your normal authentication server, radius, TACACS+, LDAP, etc. When a user tries to authenticate to the system, the ACE agent intercepts the request, and prompts you for it's login. The ACE server then passes the information (either accepted or rejected) back to the authentication server which then grants or denies the users access.
So again...ACE has nothing to do with VPN other than the fact that it can be used to AUTHENTICATE a VPN user.
-
January 15th, 2002, 02:16 AM
#8
Actually, Invictus is right. ACE servers are for authentication with these tokens that change their number at a given time interval, and this along with the user's password is used for authentication. As far as I know, it didn't have any VPN capabilites built in. You are going to have to use a VPN terminator to handle the VPN connections.
Sorry!
Regards,
Wizeman
\"It\'s only arrogrance if you can\'t back it up, otherwise it is confidence.\" - Me
-
January 15th, 2002, 02:46 PM
#9
Hmmm. (going to sites ref pgs for more info) Ok, need to do more research on this.
thks all.
Trappedagainbyperfectlogic.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|