Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
205
Views
0
Helpful
1
Replies

3015 concentrator in site-to-site VPN setup

emma_is_me
Level 1
Level 1

‎06-05-2003 03:26 AM - edited ‎02-21-2020 12:35 PM

I have a 3015 at our central office with a number of Cisco 800's / 1700's at satellite offices. I've got them up and running with IPSec tunnels using 3DES/SHA and currently pre-shared keys (Thinking about using digi-certs as the number of sites could increase). I've been ploughing through the Safe VPN docco about the question of further security using NIDS and firewalls., and looked at the medium sized scenario.

Has anyone got a similar setup that could enlighten me further on the best way they have found to tighten up security to a safe, but not excessive level ?

Labels:
0 Helpful
1 Reply 1

wong34539
Level 6
Level 6

‎06-17-2003 06:46 AM

Both NIDS and Firewall are good options for good secuirty, also consider some sort of security for important servers like mail servers by running Host based IDS on them. Also you can add access lists to restrict the resources the users can access.

There are a couple design options on where to place the firewall and IDS in respect to the concentrator, depends on how you really want to use it.

0 Helpful
Customers Also Viewed These Support Documents