Looking for encryption for ethernet link between 2 firewalls

Unanswered Question
Dec 1st, 2008
User Badges:

We have an ASA 5500 linked to another site about a mile away (via extended ethernet fibre). We need some encryption on this link - typically AES. Is the only way to encrypt to use IPSEC/VPN Or can we encrpty the traffic in "less complex" way. Issues of performance matter too as there will be voice and time-critical apps running over this line too

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
cisco24x7 Mon, 12/01/2008 - 05:48
User Badges:
  • Silver, 250 points or more

Not entirely true. You can place a hardware

crypto on both ends. Think of it like

encrypting the microwave signal. Doesn't have

to be VPN.

peter-net Mon, 12/01/2008 - 05:56
User Badges:

OK - I cant do a hardware option. So if I discount that - we are saying - either go for VPN solution - or not have encryption between the 2 locations ?

cisco24x7 Mon, 12/01/2008 - 06:20
User Badges:
  • Silver, 250 points or more

You can approach the problem this way:

Option #1: VPN

Option #2: encrypt at the application level

with either SSH or SSL encryption

Either way, the communication will be secure.


This Discussion