Re: Recommendations for VPN end point appliances?
On Fri, 11 Jun 2004, at 10:51pm, [EMAIL PROTECTED] wrote: > ... does anyone have any recommendations for VPN end point appliances. Of all the appliances I've used, my favorite is NetScreen. Outstanding features and performance at a competitive price. Gotta love that SSH CLI. SonicWall is okay. They used to require a subscribe just to use certificates, but I believe that has changed. I've had someone recommend SnapGear to me; it is apparently a Linux-based appliance. Haven't had a chance to actually look into it, though. For maximum flexibility, there is always the possibility of an SBC running Linux out of flash. > I ordered a pair of BEFSX41 LinkSys routers ... My experience with LinkSys VPN boxes is that they are flakey and have an abysmal feature set. They tend to need to be rebooted on a regular basis. No support for public key crypto (come on', shared secrets went out in the 1980s). Their firewall/filtering settings are a joke. I frequently recommend LinkSys NAT boxes for SOHO use, but IMO, they just don't cut it for VPN use. -- Ben Scott <[EMAIL PROTECTED]> | The opinions expressed in this message are those of the author and do | | not represent the views or policy of any other person or organization. | | All information is provided without warranty of any kind. | ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Recommendations for VPN end point appliances?
On Sun, 2004-06-13 at 13:14, [EMAIL PROTECTED] wrote: > I've had someone recommend SnapGear to me; it is apparently a Linux-based > appliance. Haven't had a chance to actually look into it, though. > If you're speaking of the ClearPath SNAP box... It *is* linux-based, but not really shipping yet. I have a demo unit sitting here next to me. Basically mini-itx system board, 256MB compact flash for boot, and 3 on-board Ethernets. The rest is all linux... -- Brian <[EMAIL PROTECTED]> ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
WANTED: a few 9-track tapes transcribed
...to just about any less primitive medium. Anybody have an old 9-track drive and willing to help? ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Recommendations for VPN end point appliances?
On 13 Jun 2004, at 1:32pm, [EMAIL PROTECTED] wrote: >> I've had someone recommend SnapGear to me ... > > If you're speaking of the ClearPath SNAP box... No, I'm speaking of SnapGear. http://www.snapgear.com Hmmm... they appear to have been bought by CyberGuard. Since I don't really know anything about either company, the net change in my practical knowledge is zero. :-) Their products exist as something you can buy and touch, as one of our customers got them as part of a larger package from another vendor. They appeared to work. The advertised prices were very attractive. That's as much as I know. -- Ben Scott <[EMAIL PROTECTED]> | The opinions expressed in this message are those of the author and do | | not represent the views or policy of any other person or organization. | | All information is provided without warranty of any kind. | ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Recommendations for VPN end point appliances?
[EMAIL PROTECTED] wrote: > > On Fri, 11 Jun 2004, at 10:51pm, [EMAIL PROTECTED] wrote: > > ... does anyone have any recommendations for VPN end point appliances. > > My experience with LinkSys VPN boxes is that they are flakey and have an > abysmal feature set. They tend to need to be rebooted on a regular basis. > No support for public key crypto (come on', shared secrets went out in the > 1980s). Maybe, but SNMP V3 still uses it.. > > I frequently recommend LinkSys NAT boxes for SOHO use, but IMO, they just > don't cut it for VPN use. > ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Recommendations for VPN end point appliances?
On Sun, 13 Jun 2004, at 9:40pm, [EMAIL PROTECTED] wrote: >> ... shared secrets went out in the 1980s ... > > Maybe, but SNMP V3 still uses it.. That's hardly an endorsement. SNMP's approach to security issues has generally been to ignore them. (SNMP = Security? Not my problem!) The fact that SNMPv3 has any security at all is a huge advance. Now you want it to be modern, too? -- Ben Scott <[EMAIL PROTECTED]> | The opinions expressed in this message are those of the author and do | | not represent the views or policy of any other person or organization. | | All information is provided without warranty of any kind. | ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Recommendations for VPN end point appliances?
[EMAIL PROTECTED] wrote: > > On Sun, 13 Jun 2004, at 9:40pm, [EMAIL PROTECTED] wrote: > >> ... shared secrets went out in the 1980s ... > > > > Maybe, but SNMP V3 still uses it.. > > That's hardly an endorsement. SNMP's approach to security issues has > generally been to ignore them. (SNMP = Security? Not my problem!) The > fact that SNMPv3 has any security at all is a huge advance. Now you want it > to be modern, too? > Yep, I totally agree, also SNMP is anything but simple, and why no-one has come out with something a lot more user friendly, I don't know, However, it keeps me employed, so I shouldn't complain too much. :) ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
