• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Whose SSL VPN is better?

C

Cooky

Golden Member
We're in need of deploying SSL VPN.

Was wondering if anyone has had experience w/ Cisco & Juniper's SSL VPN, and how you like it.
 
Have them both at my company...
Juniper seems to work better though firewells than the cisco, but is slower.
I use the cisco most times, but juniper if the other wont work...
 
Originally posted by: spidey07
They both work very well. Juniper/netscreen is easier to manage.
Click to expand...

He's right. Listen to the man.

Depending on what your needs are, the SA700 is for smaller offices , SA2500 for medium sized applications, and the SA4500/6500 for larger enterprises. They are very easy to manage and maintain.
 
One of my former colleagues tested Cisco's SSL VPN on our ASA's, and he said even though it works, it requires Java on browser, and he had to switch windows for some apps.

Has any of you seen that before?

Another thing we need to consider is the number of connections...we anticipate about 10,000 users.
So we'll need either ASA 5580 or Juniper's SA6500.
 
Here's what Juniper SE told me in email:

Junipers Core Clientless access method provides completely clientless access to select resources from any endpoint. The Core Clientless method provides secure access to Web-enabled applications. There is no need to download any Java Servlet unless more than our Core Clientless method is needed. (Ex, SAM, NC).

I'm not as familiar w/ Juniper's products (we're a Cisco shop).
Could someone please tell me what it means (Ex, SAM, NC), so that I can call his bluff? (spidey said Juniper requires Java as well)

thanks.
 
Cisco's licensing is much cheaper as well. Not sure what the difference is at your levels or if price really matters to you at all, but when we were recently deciding between the two, 100 SSL licenses AND the ASA 5510 itself ran us about $6,500. Juniper wants $2,500 for the SA 2500 and another 12-13k for 100 users license.

To add on to what spidey said, if they need to access anything else besides http, https, and i believe file servers over CIFS. If a full tunnel is required for client/server apps, you'll need to download a small client from the Cisco side (admin rights required) and the java based client from Juniper's side.
 
To throw another monkey wrench into the SSL vpn solution. You MUST have strict control over your browser and java versions to make it work. When either of them say "clientless" what they really mean is "you better have total control over your clients to install what is needed".

Juniper and Cisco WANT your business in this area, it's a super hot market. Get presales involved on both sides, make them give you demo gear to evaluate along with a SE for a day and see what works best for you.

I know I'm getting off topic, but make them work for you. That's what they are there for, you're the one giving them the money. Don't go falsely carrot dangling, but if you have a real need for a solution then both are willing to accommodate to get your business.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top