Content-Transfer-Encoding: |
7bit |
Sender: |
|
Subject: |
|
From: |
|
Date: |
Mon, 25 Jun 2001 10:09:03 -0500 |
Content-Type: |
text/plain; charset="iso-8859-1" |
MIME-Version: |
1.0 |
Reply-To: |
|
Parts/Attachments: |
|
|
Greetings PC Builders!
I asked a question about a month ago about setting up some VPN connections
for a small office. There are currently 4-6 users on their network and they
are looking at a maximum of 3 outside connections, one of which will be a
future branch office.
I've looked at some of the VPN solutions proposed by Cisco, Intel, HP,
Sonicwall and others. It seems to me that it comes down to some common
denominators: A PC-like device and software to run VPN encryption. It
appears that the Sonicwall solution would run close to $1700 in the main
office and $500 for EACH of the outside connections. Cisco is even more
expensive. Intel has a neat little box (8205 VPN Broadband router) for
about $800, but it is a site-to-site connection and not a site-to-point (my
understanding is that it needs to talk to a dedicated VPN solution rather
just client software on a remote user's PC). For such a small network, is
it really necessary to spend so much money on expensive hardware solutions?
MS Windows 2000 Server has built-in VPN capabilities, as does Linux. Would
it not be possible to run a Win2k or Linux VPN on the file server? There
are probably some security issues of which I'm not aware. The hardware
solutions still run some software for the VPN connection and encryption.
I've seen software that looked like the MS solution, or the Linux solution,
or based on Checkpoint's VPN-1 software.
Please correct me if I'm wrong, but here's what I'm envisioning:
--The server will have two Ethernet connections: one to their DSL line and
the other to the internal LAN.
--The server hardware will be upgraded to support both communications and
file server duties (dual PIII-1000 processors, 256MB ECC ram, redundant
power supply, UPS, etc, ).
--Converting their current 10Mb LAN to 100Mb for better access to the
server.
--Linux may be more secure than Win2k, but they could use the server as an
extra office PC (in an emergency) if running Win2k.
--Running firewall software on the server and on each of the LAN's PCs
(probably Zone Alarm Pro or Norton).
What do the expensive hardware solutions provide that Linux/Win2k don't?
What am I missing?
Thanks for your help!
Ron Jobe
PCBUILD maintains hundreds of useful files for download
visit our download web page at:
http://freepctech.com/downloads.shtml
|
|
|