When you say "citrix clientless VPN" do you mean the citrix "nfuse" product. I am quite familiar with that beast.
[EMAIL PROTECTED] wrote:
Thanks guys.
I was able to go through that PDF at the CP site. It compared it's own products to itself (VPN pro, Connectra, & SSL Network Extender) and highlighted it's own shortcomings (on the SSL site). Also noted that each has it's own strengths depending on the need and the environment. The whitepaper suggested that most SSL VPN's are limited to backend servers that provide their services with HTTP(S). Example, an internal Exchange box running OWA, or a Domino server also providing HTTP access to mailboxes. Maybe an internal corporate web server, or a web-based reporting server. These are the same things I remembered about browser-based SSL VPN's. But with this Citrix stuff, it appears that an Active-X dynamic plug-in can be loaded and then present a desktop-type environment. Where an internal server makes the backend connections (to the Exchange server, the Domino server, the SSH client to configure routers, the custom application to another internal server, etc). The Citrix desktop profile provides the real email client, the applications the user needs. This Citrix server makes the backend connections and simply sends a display back to the client. Honestly, it looks to be impressive technology compared to what I remember about browser-based SSL VPN's.
So, as comments go, it still looks like a both type setting. I'm still hoping someone who has implemented either both or moved to just one will chime in on this thread.
But thanks for the input so far!
Regards,
Kevin
Gary Scott <[EMAIL PROTECTED]> To: [email protected] Sent by: Mailing list for cc: discussion of Firewall-1 Subject: Re: [FW-1] Citrix clientless VPN vs. SecureClient <[EMAIL PROTECTED] .US.CHECKPOINT.COM>
03/08/2005 02:19 PM Please respond to Mailing list for discussion of Firewall-1
CP has a great doc for the pros/cons for using ipsec verses ssl. You may have to register to view.
http://www.checkpoint.com/promoforms/ww/2x/connectra2xww04_ty.html
-GS
-----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Previtera, Sal Sent: Tuesday, March 08, 2005 1:33 PM To: [email protected] Subject: Re: [FW-1] Citrix clientless VPN vs. SecureClient
Checkpoint has also clientless VPN....it is called SSL Network Extender. It uses HTTPS to download an Activex program on the PC and create a VPN tunnel. May want to check it out. Regards, Sal.
-----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Tuesday, March 08, 2005 10:52 AM To: [email protected] Subject: [FW-1] Citrix clientless VPN vs. SecureClient
Just curious if folks have run into this before. I have my own pros & cons that I've come up with and I think it could end up with a Both scenario as there are benefits to both technologies. But what I'd like to hear is from people who have had to either choose between the two, or can give a little example of problems (or limitations) associated with either of the technologies. Personal opinions are free game also!
Regards,
Kevin
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
