> well, you are also wrong. All the Cisco clients run behind NAT and firewalls
> (no matter how cheap). C'mon guys and gals, let's be serious. IPSec allows
> all these features and Cisco supports more than most.
Actually the IPSec Specification doesn't cover any of these features. All
of the major manufacturers have simply added their own hacks as various
features became important.
Having just installed the latest Cisco client I can say that it is, in
fact, excellent. My experience with CP NG, though, has proven to be
equally satisfying.
Both CheckPoint and Cisco support client firewalls and pushed client
policies (Though CheckPoint charges a seperate fee for this and Cisco does
not).
Both CheckPoint and Cisco support clients connecting from NAT'd segments.
Both products support a variety of services for authentication.
CheckPoint: S/Key, SecurID, OS Password, VPN-1 Password, RADIUS, AXENT,
TACACS
Cisco PIX: RADIUS, TACACS+
Cisco VPN Concentrator: A whole bunch
In the end it seems to come down to preference.
My personal feeling is that Cisco has the edge in the client VPN market
(From what I have just seen), but that they still have to improve the
management of large, fully meshed, site to site VPN installations.
-Don
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
