|
Hi group.
I have a situation where on our private network, we have a management server (Aprisma Spectrum to be precise) that needs to sit on a public address, monitoring
several hundred remote site routers. A firewall such as PIX will be introduced
probably behind
this management server running solaris ; how can I manage all the
remote site routers (1600 series) without the
security risks involved with turning on SNMP? The
solution we proposed is implementing VPN but the company does not
want to go through using VPN with IPSec because of the inherent cost
of more hardware involved and the
managebility
of setting it up........any ideas? Basically, we
want to encrypt the SNMP traffic coming back from all the remote sites securely
;
however, on the client side, we will be using SSL to guard against the application
traffic. Hope all you security guys can give me some
advice on the design of such a flexible and
scalable solution........
Thanks in advance!
David.
|
