Cisco SSL VPN:max of 5,000. Why number is so low?

Unanswered Question
May 11th, 2007

I see that Cisco and other major SSL VPN makers offer devices such as Aventail and Juniper which can handle, respectively, maximum of 5,000, 2,000 and 2,500 users concurrently.

For very large enterprises, that's kind of low, isn't it? Imagine I need to make remote access solutions available to everyone work from home during an extreme bad weather day, for example. We have 30,000 users. How can that be handled? In theory I would need to buy 6 appliances to handle this. That's tough. I don't get it why those numbers are so low.

If anyone came accross and handled this scenario please let me know.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Danilo Dy Tue, 05/15/2007 - 06:41

Hi,

I think because that is the maximum concurrent connection that the platform can handle in terms of processing encrypted packets.

You can however put 6 VPN devices and group the users per device, plus a 7th backup/standby VPN device - you can create 6 FQDN as primary for 6 group of users (one for each group)and another FQDN for the backup/standby where all users can connect if their primary is unaccessible. There's a good thing about this though, if in case one of the VPN device is down, you only have an angry mob of 5,000 users to handle rather than 30,000 :) you can also distribute the administration load

Dandy

Actions

This Discussion