|
Tim: We use encrypted access solutions to connect to client systems ... Usually dictated by our clients existing provisioning .. Although we have set up Client Access with SSL support at a few client sites ... Although we don't have the wide experience of a firm that installs VPN products for a living, we also don't have much to sell, which may compensate ... One thing I like about using CA/400 with SSL is that remote users typically ONLY get access to the iSeries box through this venue ... (There are ways, but not very obvious ones, to go around this limitation, and you can control them) ... In other words, they can't see your whole network ... This can be a plus, or a minus, depending on your requirements .... This choice has been dependable for us, and doesn't cost anything ... We also just deployed iSeries Access for the Web, a native solution that uses components from Host Publisher and runs on Websphere Application Server. This product delivers a green-screen analogue to a web browser. It's real handy for providing ad-hoc access to your system, since the remote user doesn't need to install anything at their end. Installation was difficult and time-consuming, the presentation layer is only so-so, and WebSphere AS gobbles CPU. It is not something I would use for regular access. On the VPN side, we are using Microsoft native VPN, in which a Win2K server performs the LAN gateway function, as well as CheckPoint Systems and Cisco VPN products. CheckPoint has been the most difficult to live with, and one client who uses CheckPoint has said that they aren't very happy. I can't recall whether I have heard complaints from our clients who use Cisco, but rollout at our site hasn't been smooth with either of these products. For our part, both CheckPoint and Cisco VPN client installation and/or operation have been implicated in workstation stability issues ....In two cases forcing us to reload the OS and discontinue use of the product ... We finally had to provision Checkpoint at a workstation that nobody uses and which has almost nothing else on it, in order to continue serving our client site ... It is not a very convenient arrangement ... We have had no problems with the MS VPN solution ... I cannot, however, comment on the strengths or weaknesses of this option from a site security point of view. Knowing Microsoft's reputation on such matters, this issue may deserve some investigation. Finally, when running down VPN problems with a tech support representative at one of the above companies, the agent said something that rather surprised me: Quote ... "We're really taking a beating from NetScreen ... it's a much better product than ours." Coming straight from the horse's mouth, as they say, I would be tempted to take a look at NetScreen ... Regrettably, I cannot use this as an opportunity to pitch for a VPN engagement ... Unless you think CA/400 and SSL sounds attractive .... Visit our website anyway, maybe there's something else I could sell you ... Good luck! Regards, John G. Dyer, CDP Vice President Information Management Consultants, Inc. jdyer@xxxxxxxxxx http://www.imcedi.com 812.421.0045 ext. 203
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
