Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
481
Views
0
Helpful
4
Replies

VPN Capacity

Go to solution
spalislam
Level 1
Level 1

‎05-16-2003 10:25 AM - edited ‎02-21-2020 12:33 PM

May 16, 2003, 7:31am PST

I need to provide VPN solution for about 2000 remote users. Two main factors are remote desktop (so users can use their office PCs from home), and access to protected servers. All this needs to be through VPN. My question is regarding capacity and compatibility.

1)

Is PIX 515 sufficient for this many users? What about 525? Or do I have to go with the VPN Concentrator? Advantages and Disadvantages?

2)

Can I integrate VPN device with Novell's E-Directory for user management? What about SUN1 directory? Or Radius? Preffered solution would be integration with EDirectory.

Please post your comments or suggestions. Any help higly appreciated.

Thanks,

S.P.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jsivulka
Level 5
Level 5

‎05-22-2003 11:44 AM

Both the 515 and the 525 can support 2000 simultaneous tunnels. Therefore, you could do with the 515. However, I feel that a VPN concentrator is better suited for the job at hand. The concentrator has been designed to support just this kind of a setup. The advantage of using the VPN concentrator is that it would make management of this large number of usersmuch easier. The disadvantage is that you are trusting all the users and will lack the high degree of security that a firewall provides.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
jsivulka
Level 5
Level 5

‎05-22-2003 11:44 AM

Both the 515 and the 525 can support 2000 simultaneous tunnels. Therefore, you could do with the 515. However, I feel that a VPN concentrator is better suited for the job at hand. The concentrator has been designed to support just this kind of a setup. The advantage of using the VPN concentrator is that it would make management of this large number of usersmuch easier. The disadvantage is that you are trusting all the users and will lack the high degree of security that a firewall provides.

0 Helpful

Go to solution
spalislam
Level 1
Level 1
In response to jsivulka

‎05-22-2003 12:58 PM

Thank you for your input.

The issue is I have spare 515 that I can utilize for this VPN. However, I do not have any spare 525. Therefore, most likely I will solely use 515.

However, there is another question. Is 525 capable of being fully-utilized firewall as well as VPN end-point? Or do I have to specificly dedicate 525 for VPN? Same question regarding 515s?

The reason I am leaning toward PIXs vs. VPN concentrator because I already have this equipment. VPN 3000 would have to be purchased separately.

Thanks for the help. Any further assistance very appreciated.

SP

0 Helpful

Go to solution
cody.rowland
Level 1
Level 1
In response to spalislam

‎05-23-2003 07:02 PM

The PIX 525 is capable of handling your users and acting as a firewall. In this case, I would strongly recommend the 525 over the 515. It's a more robust model that's easily expanded should your needs change in the future.

One other thing to take into consideration -- if 2000 users are going to rely on your VPN for every day business needs it would be irresponsible not to implement a failover solution and this means you need two identical PIX devices. If I had to decide one 1 PIX525 or two PIX515's, I would go with the later strictly for the peace of mind.

My two cents.

Cody Rowland

Infrastructure Engineer

0 Helpful

Go to solution
rhodrijenkins
Level 1
Level 1
In response to cody.rowland

‎07-09-2003 06:44 AM

Did you ever find out whether or not you could integrate the VPN device with Novell's E-Directory for user management? I'm interested in doing this myself.

Thanks

Rhodri Jenkins

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents