Site-to-site VPN and Remote access VPN

A Site-to-site VPN connect entire networks to each other. In a site-to-site VPN, hosts do not have VPN client software; they send and receive normal TCP/IP traffic through a VPN gateway and VPN gateway is responsible for encapsulating and encrypting outbound traffic, sending it through a VPN tunnel over the Internet.
The most common secure tunneling protocol used in site-to-site VPNs is the IPsec Encapsulating Security Payload (ESP).

Remote access VPNs connect individual hosts to private networks.In a remote access VPN, every host must have VPN client software .Here host tries to send any traffic, the VPN client software encapsulates and encrypts that traffic before sending it over the Internet to the VPN gateway at the edge of the target network.
Remote access VPN protocols are Point to Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol (L2TP)

Alternative to IPsec/L2TP/PPTP VPNs to secure remote access products that use SSL(SSL VPN) over web browsers.
vpn-utm

Software based and Hardware based
———————————
Linux based:
Astaro Security Gateway
http://www.sophos.com/en-us/products/unified-threat-management.aspx
phion netfence
Secure Computing firewall/VPN family
http://www.mcafee.com/us/products/firewall-enterprise.aspx
Smoothwall Corporate Server
http://www.smoothwall.com/en-gb/
Open VPN
http://openvpn.net/
Open Swan
https://www.openswan.org/
Mac OS X based:
Apple Mac OS X Server. Version 10.4 and higher supports authentication through certificates, Kerberos and group secrets.

Windows based:
Microsoft Windows 2000, Windows Server 2003 and Windows Server 2008. Windows 2000 does not support NAT-T when used as a server.
Microsoft Windows XP Professional and Windows 2000 Professional(small-scale VPN server but not included with XP Home)
Microsoft Windows Vista.
Microsoft ISA Server.
ISA Server based appliances.
http://technet.microsoft.com/en-us/forefront/ee807302

Dedicated hardware:
Checkpoint
http://www.checkpoint.com/products/vpn-1_power/index.html
Cisco PIX firewalls
http://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/4504-cmatrix.html
Enterasys routers with VPN capabilities
http://reviews.cnet.com/routers/enterasys-xsr-3020-security/4505-3319_7-30978178.html
IBM/ISS Proventia UTM
http://www.proventiaworks.com/
Intoto
Juniper E-series and Netscreen series
http://www.juniper.net/in/en/products-services/security/netscreen/
Nokia
https://expertcentre.nokia.com/en/articles/kbarticles/Pages/Nokia-VPN-resource-hub.aspx
Nortel VPN Routers
http://www.nortel.com/
SonicWALL Firewall/VPN Appliances
https://www.sonicwall.com/in/en/
Barracuda
https://www.barracuda.com/products

Advertisements

Posted on February 22, 2014, in General. Bookmark the permalink. Leave a comment.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: