I am not too well informed about Citrix and thus not in a position to compare the two solutions. However, my network does have extensive deployment of the Cisco VPN solution that I am pretty happy with. Cisco offers a product to meet almost every type of requirement. It is thus that you have Routers, Firewalls, VPN clients, Concentrators and VPN Acceleration cards, all of which address specific requirements and could be part of your VPN solution. Another important factor is the indirect cost savings. Lets say you buy a Router today. You can configure the very same router for providing you a VPN solution in addition to simple routing. The same router can also be configured as a firewall, for VoIP or for a host of such technologies and that provided you with flexibility and scalability, two things that are really important to network designers today. This ability to use the same platform for multiple solutions is what makes the Cisco solution highly attractive. Add to this the extensive documentation and technical information that is available through the Cisco web site. I guess, the case for going in for a Cisco solution is pretty strong.
Citrix is a more of a server-based computing solution than it is a security or access solution like a VPN. Citrix does have some nice security features that give you some of the same functionality as a VPN solution, but it is primarily a solution for application hosting. When you need to centralize management, access, and/or resource utilization for your applications, Citrix is a fantastic solution. If you need to provide secure, controlled access to network resources, then VPN is what you need. I'll rate the solutions per your query, but bear in mind that the ratings are my opinion based on other solutions I have implemented and may or may not be right for your situation.
SECURITY: VPN, it is designed specifically for security and gives you better security options and more interoperability with other security-based systems.
COST: VPN, it is generaly less expensive than Citrix, but when you pay for Citrix, you are paying for all the added functionality (other than security) that Citrix provides. If you need the Citrix functionality, then it is definitely well worth it, but if you don't, then you can save a lot by using a VPN solution,
EASE OF USE: VPN, I have set up both Citrix and VPN, and VPN is generally easier to set up. If your implementation is <20 users and you can get them all on a single server, then Citrix can be relatively simple to set up and maintain. If you have many more users and you start getting into server/applications farms with multiple disparate applications, load balancing, and resource utilization management, then it can get very complex/maintenance-intensive and probably should not be attempted by anyone who does not have a lot of experience with Citrix. Of course VPN deployments become more complex as they scale, but not (in my experience) to the same degree as Citrix deployments.
One other point to look at is with Citrix, is it can make troubleshooting issues for remote users easier. Since the users work environment is controled by the Citrix Server (all you install on remote user's computers is the ICA Client), you do not have to worry about remote users personal computers. Also, you can connect to any Citrix Session (called Shadowing by Citrix), which makes troubleshooting issues much easier.
The cost of Citrix is greated than VPN Solutions, so you have to weigh the savings in support vs the cost of Citrix.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...