I need help wrapping my head around the differences between the Cisco IPsec Client and Anyconnect SVC, besides the fact that IPSec client is a manual install while Anyconnect installs and uninstalls itself on its own.
I mean, what does IPsec client do that Anyconnect can't or vice versa? And before you mention it, I already know that Anyconnect supports 64-bit vista (that seems to be a very popular answer).
I havent seen a document that directly compares the IPSEC Client vs Anyconnect. But, below are some FAQ URL that should help answer some questions. Also, one big factor in making your decision is going to be the Type of VPN server that you are planning to use. For example, some of the newer clients are not supported on Pix/VPN3000.
From a user perspective the IPSec and AnyConnect clients provide very similar functionality once they're installed. Under the hood, the IPSec client uses IPSec encryption (duh) whereas the AnyConnect client uses SSL encryption, which is significantly more processor intensive. With computers these days that's not really much of an issue at the user end, but if you're trying to scale to a very large number of users at the head end it could be a factor. The biggest difference is in the licensing cost. There is no incremental licensing cost for the IPSec client, either for the number of users or for the client software. There *is* a non-trivial cost for the AnyConnect client, however, which may or may not be worth the possibly reduced administrative costs of getting the client installed on all the end-user systems.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...