Software VPN vs Hardware VPN Efficiency

  • Thread starter Thread starter asdf
  • Start date Start date
A

asdf

What are everyone's opinions on running VPN on Server 2003 vs running it
on a dedicated VPN hardware--like a VPN endpoint router.

We have about 5 people who will be connecting to our network at the same
time
mostly transferring large images.

Sales guys claim that hardware will provide us with better throughput as
opposed
to running VPN on a server.

thanx
 
It depends on what you will buy. If it is Cisco router/firewall, I would use it. Windows server may give you more features such as name resolution, policy.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
What are everyone's opinions on running VPN on Server 2003 vs running it
on a dedicated VPN hardware--like a VPN endpoint router.

We have about 5 people who will be connecting to our network at the same
time
mostly transferring large images.

Sales guys claim that hardware will provide us with better throughput as
opposed
to running VPN on a server.

thanx
 
asdf said:
What are everyone's opinions on running VPN on Server 2003 vs running it
on a dedicated VPN hardware--like a VPN endpoint router.

We have about 5 people who will be connecting to our network at the same
time
mostly transferring large images.

Sales guys claim that hardware will provide us with better throughput as
opposed
to running VPN on a server.

thanx
Click to expand...
I run windows server with 100 concurrent vpn clients connected and there
are no performance problems, this was using pptp not l2tp/ipsec though.
For lan to lan tunnels I would always go hardware vpn though.
simon
 
thank you both for replying. there is something else i forgot to mention
though.

WE are using DLS and things get kind of slow. If we get a network balancing,
end point router
and get another dsl connection we would still be able to connect with VPN
using both connections.
MAybe it's the word tunnel in "VPN tunnel" that's messing me up. But that
tunnel can split and go
over 2 separate connection?

thank you very much for replying.
 
I would get some expert advice brfore trying to combine two DSL
connections. It can't be done easily. The problem is that "dialup" style VPN
traffic needs to use the default gateway, and there can only be one of
those!
 
Bill said:
I would get some expert advice brfore trying to combine two DSL
connections. It can't be done easily. The problem is that "dialup" style VPN
traffic needs to use the default gateway, and there can only be one of
those!
Click to expand...
Easier option might be using one connection for the incoming vpn
traffic, the other for outbound from the office. Or better still see if
SDSL is available where you are, this will give you the same speed
upstream as downstream. It's always upstream that's the problem with
running VPN on ADSL lines.
simon
 
Hi,

You can use only software VPN, because a) more flexible then hardware
to adopt to your network environment; b) easy and cheaper to upgrade;
c) if your 5 persons are in different locations, they could have a
problem to buy the same hardware; d) for transfering large images
software vpn has the same throughput as it can be provided by hardware;
e)if your 5 users are mobile, would they like to carry a hardware box
with them, even if it is small?

I would stay with software.
have a look at this software vpn: www.vpnsolution.info
it is free for 45 days and has a build-in secure (encrypted) file
exchange.
BR
 
You can do some sort of load balancing for vpn. You just have to figure
out how do you want to implement your vpn solution. Most VPN boxes use
ipsec or 3des. But you might want to consider using SSL instead so that
you can create more stringent access control rules.

May I recommend checking out www.netifice.com
They provide managed security service. There SSL vpn implementation is I
believe the best in the market.
 
Your salesguy seem to tell you the truth this time. There are several
ways to get your secure connectivity requirements implemented. I would
love to help you on this. Let me know if you are interested and email me
directly.

Thanks.
 
Back
Top