Hi there,
If you are looking at 500 site-to-site VPNs, I would highly recommend that
you go
with Cisco VXR7206 router. With Cisco devices, you can terminate a lot of
site-to-site
VPNs. Furthermore, if you have requirements to run dynamic routing protocols
over
IPSec tunnel, Cisco is a better prefer choice than Nokia/Checkpoint. I
currently have
a customer running 450 site-to-site VPNs on a Cisco VXR7206 router with IOS
version
12.3T. The VXR7206 router is the hub device and it is pushing about 250Mbps
of
AES-256/SHA-1/DH2 traffics and it is also running OSPF via GRE and encrypted
with
IPSec.
I think NGx supports Virtual Tunnel Interface which is similar to cisco GRE
but I've
never used it so I can not comment on it. Checkpoint is a good product but I
think
with that many site-to-site VPNs, Cisco is a better solution. Notice that I
didn't
recommend to use Cisco Pix/ASA either. Generally speaking, Firewall is not a
high
performance VPN product. Neither Cisco Pix and Checkpoint firewall can
provide
the VPN flexibility that Cisco router does.
That's my 2c.
cisco4ng
"Khan, Irfan" <irfan.khan AT FLSMIDTH DOT COM> wrote:
We use a Nokia 350 with 600 users. It has 512 RAM. We are using NG AI
55. I have heard NGX is more resource intensive and needs around 1 GB
RAM for better and faster performance
-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Alvaro
Gastambide
Sent: Friday, February 24, 2006 4:21 PM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] NOKIA AND NGX
Hi, i need a firewall to make 500 VPN site to site....
What nokia and check point do you recomend ? Thanks
Alvaro Gastambide
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
---------------------------------
Yahoo! Mail
Use Photomail to share photos without annoying attachments.
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
