Securing App. Communication

[avishver]

Greetings all,    Here is one i'm trying to resolve, any help is welcome:     - Having application for more than 10,000 users communicating       with a server via modem to modem using TCP/IP.     - User authentication is in the application level.     -  I want to secure the communication lines.     - I think about two ways:       Using some crypto toolkit like Baltimore, Certicom etc.          to develope secure channel from client to server.       Using SecureRemote from Checkpoint as a VPN from         client to the FireWall  without using the authentication, only         the VPN, Don't use LDAP at the moment.    -  Problems:       Toolkit: time to develop, bugs, maintenance & change sensitive .        SecureRemote: Preformace (heavy load on firewall), need to keep        all Uid's on firewall.    - Questions:      - Any better ideas ?.      - Any hands on experience with Baltimore "C"          library toolkit , with CheckPoint SecureRemote         at those volumes?.      - Is LDAP a must for the VPN solution?, if so is         it time consuming to develop from scratch ?     TIA    Avi      <<<< "Children", I say plainly, "watch out for the baobabs!"  >>>> <<<<       The Little prince by Antoine de Saint Exupery.        >>>>