We have gone through tremendous growth with RA VPN clients and decided that SSL VPN will be a better solution for us.
So we started looking and are testing two vendors, Juniper and Aventail. While their products deliver what they promise, I started wondering about ASA, since we are currently running PIX. So I have a few questions about it I hope you can help me with:
1) As far as I see, ASA comes in several 'editions'. Are the 4 editions not just modules or licenses for the same box and IOS? The significance of this is that if we purchase from a different vendor and PIX runs out of steam one day, we will probably upgrade to ASA anyway for its firewall capabilities. We then might sit with two boxes, and both can do SSL VPN. The same applies to IPS. If we do buy ASA, could we some day 'add on' IPS modules if we want to, or is it a new ASA model all together? Apart from redundancy issues, I am very keen on keeping these things tied together. So instead of going for another vendor, should we go for ASA and add modules as we go along?
2) How does ASA SSL-VPN compare to other vendors. I have seen comparisons (granted, supplied by Juniper putting themselves at the top and aventail 2nd :). But I cannot really find independant comparisons anywhere.
Thanks a lot for any comments!