ANALYSIS
When we take a look at the VPN appliances offered today, we notice two different flavors: stand-alone VPN appliances and integrated VPN appliances such as VPN-enabled firewalls and routers. With the integrated VPN appliance, we find our first and possibly most important cost benefit. Currently, deployed hardware firewalls such as the Cisco PIX, Nokia Checkpoint Firewall, and Watchguard Firebox include optional VPN capabilities out of the box. Virtually all routers, including Cisco's access and modular routers, also include VPN support. The cost associated with this solution is often included in the firewall or router. Getting VPN services going in this scenario often means making just a few configuration changes in the firewall or router itself. Since a discussion on VPNs falls within a comprehensive network security policy, the ability to have an integrated VPN appliance can save thousands in simplified security policy administration, particularly in environments where multiple firewalls, routers, and VPN gateways are required. Stand-alone VPN appliances, some referred to as VPN concentrators, primarily find a place in organisations where simultaneous VPN connections need to number in the thousands. They provide high availability, high performance, and scalability that is unmatched by any integrated appliance or VPN server. The increase in reliability, capacity, and throughput is not without its costs, however. Expect to pay several times more for an enterprise level VPN concentrator with these capabilities. VPN servers
So far, we have heard how integrated VPN appliances offer impressive cost benefits. From this, it would seem the question of whether to choose a VPN appliance or build a VPN server would be a rather simple one to answer. To determine if this scenario is true, let's take a closer look at the option of building and using a VPN server(s) for secure Internet communications...
