High Speed IP-Sec - Summary

• Previous message (by thread): High Speed IP-Sec
• Next message (by thread): High Speed IP-Sec - Summary
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Here's a summary of answers I received, thanks to all:

* Netscreen www.netscreen.com

  Wide variety of products from low end 10Mbps boxes to high end 1000Mbps
  boxes.  Generally also firewalls, have VPN client support, and other
  features.

  From a site-to-site VPN perspective the low end is priced reasonably,
  where as the high end gets a bit expensive due to kitchen sink
  functionality.

* Cisco PIX www.cisco.com

  Good variety of products from 50Mbps to 1000Mbps.  Also firewalls and
  in some cases IDS like boxes.

  A bit high in price across the board for site-to-site VPN's, mainly
  due to kitchen sink functionality.

* CipherOptics www.cipheroptics.com

  Dedicated full duplex gige IPSec box, with very minimal firewall
  filters.

  Very good price for a site-to-site VPN and no other junk to get in the
  way.  A good contender for high speed IPSec.

* Cisco Accelerator Cards www.cisco.com

  There are two varieties, the VAM for a 7200, and the VPNSM for a
  Cat6509.

  Pricing is good for a site-to-site VPN if you already have the chassis
  for other reasons and have free slots.  If you have to include the
  chassis and interfaces in the cost they are both a pretty expensive
  solution.

* Juniper Accelerator Cards www.juniper.com

  There are IPSec cards for all of the M-series boxes.

  Pricing is a similar situation to Cisco.  Not too bad for site-to-site
  if you have the chassis, but if you're adding in the cost of a chassis
  and interface cards as well you're back to a pretty expensive
solution.

* ET/R4000 http://www.etinc.com/r4000.htm

  FreeBSD box with an accelerator card.  Comes in 100Mbps and Gigabit
  versions, probably can't quite do full gigabit, but could come close.

  Priced very attractively for site-to-site VPN's, a bit of a concern
  that while it's sold as a complete box with support, it's a bit less
  of a "solution" than the other companies offer.

* IWill motherboards.

  These don't meet my qualification, but if you're into roll your own
  I will has motherboards with IPSec coprocessors onboard supported
  by some free OS's:
  http://www.iwill.net/products/ProductDetail.asp?vID=129&CID=110



-- 
       Leo Bicknell - bicknell at ufp.org - CCIE 3440
        PGP keys at http://www.ufp.org/~bicknell/
Read TMBG List - tmbg-list-request at tmbg.org, www.tmbg.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20030610/47b3b6c0/attachment.sig>

• Previous message (by thread): High Speed IP-Sec
• Next message (by thread): High Speed IP-Sec - Summary
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]