grittyminder
IS-IT--Management
Greetings!
I am looking into purchasing a SSL VPN (in particular, the Juniper SA 4000, but am open to other suggestions), as opposed to a more expensive IPSec VPN solution, to connect 200 or so remote, fixed clients (by fixed I mean "fixed IP"--the client isn't going anywhere). The main reason being, the Juniper SSL VPN supposedly is able to provide the all the functionality of an IPSec VPN with the Secure Application Manager (SAM) and Network Connect (NC) upgrade.
Here are the questions:
1) Each of the clients will be using POS software which will send intermittent data via HTTP and FTP at all various times during the day. Therefore, the SSL VPN must be up at all times (naturally VPN access, as far as where clients will be allowed to go and do, will be severely restricted). Does the Juniper SAM/NC feature allow for automatic VPN startup/login upon boot or reboot of the client computer? (The objective is to ensure that users on the client computer side need not do *anything* as far as the VPN is concerned. The VPN should just work--they should not even be aware that the VPN connection exists).
2) This one is a little bit more of a stretch and may be a little bit silly but here it goes... the requirements for client Internet access have changed recently, so now all clients must all have their Internet browsing activity monitored and filtered. Assuming that there is an Internet filtering applicance located in the same network as the SSL VPN appliance, would it be possible to force remote client internet access through the SSL VPN, on through to the web filtering appliance, and then out to the Internet? I don't want to have to install hardware on the client side (which is another reason I have been shunning IPSec VPN solutions). Would I be able to utilize the existing internet filtering appliance in any way? Or would the web filtering aspect have to be part of some separate system, such as from an Internet based 3rd party solution?
Thank you in advance for your help!
I am looking into purchasing a SSL VPN (in particular, the Juniper SA 4000, but am open to other suggestions), as opposed to a more expensive IPSec VPN solution, to connect 200 or so remote, fixed clients (by fixed I mean "fixed IP"--the client isn't going anywhere). The main reason being, the Juniper SSL VPN supposedly is able to provide the all the functionality of an IPSec VPN with the Secure Application Manager (SAM) and Network Connect (NC) upgrade.
Here are the questions:
1) Each of the clients will be using POS software which will send intermittent data via HTTP and FTP at all various times during the day. Therefore, the SSL VPN must be up at all times (naturally VPN access, as far as where clients will be allowed to go and do, will be severely restricted). Does the Juniper SAM/NC feature allow for automatic VPN startup/login upon boot or reboot of the client computer? (The objective is to ensure that users on the client computer side need not do *anything* as far as the VPN is concerned. The VPN should just work--they should not even be aware that the VPN connection exists).
2) This one is a little bit more of a stretch and may be a little bit silly but here it goes... the requirements for client Internet access have changed recently, so now all clients must all have their Internet browsing activity monitored and filtered. Assuming that there is an Internet filtering applicance located in the same network as the SSL VPN appliance, would it be possible to force remote client internet access through the SSL VPN, on through to the web filtering appliance, and then out to the Internet? I don't want to have to install hardware on the client side (which is another reason I have been shunning IPSec VPN solutions). Would I be able to utilize the existing internet filtering appliance in any way? Or would the web filtering aspect have to be part of some separate system, such as from an Internet based 3rd party solution?
Thank you in advance for your help!