Hello All,
I am looking at VPN access layer scenarios, and cant seem to get my head
around someone doing SSL VPN over a leased line..I mean why would someone do
that? Before we get into "have you considered" here is what I did consider:
1. Having a leased line connection into someone's infrastructure does not
mean traffic over that link is being encrypted. In order to do that, we
could simply do IPSec site to site VPN [let's say the IPSec platforms are
already in place]. To encrypt end to end [host to host],there is not much
that the network infrastructure can do, as this is upto the end hosts.
2. It might be difficult to get an internet connection somewhere [or maybe a
lousy one], but the local telco could give you a leased line instead? Hard
to digest...
3. Maybe the requirement is to have a leased line, between the
two infrastructures instead of leveraging an internet connection due to SLA
issues [internet = no SLA]. However that would be covered under point 1
above, and deploying a SSL VPN platform still wont provide an end to end
encryption between the hosts.
Have you folks ever come across a scenario of SSL VPN over a leased line,
and why would someone deploy this type of access model [leased line that
is]? Any pointers/experiences would be appreciated.
thanks in advance.
Al
Blogs and organic groups at http://www.ccie.net
Received on Sun Nov 15 2009 - 19:00:22 ART
This archive was generated by hypermail 2.2.0 : Tue Dec 01 2009 - 06:36:29 ART