Juniper Networks 710008-001 manual Offer ease of use and management

Page 7

FW/IPSec VPN Buyer’s Guide

3.Deliver a high level of fault tolerance to ensure the solution is always available

Does the solution support high availability (HA) configurations, including active/active, full mesh, to reduce the chance of a single point of failure?

Does the HA solution maintain both session and VPN state information to ensure that both the connection and VPN security association are maintained in the event of a failure?

Can the solution take advantage of dynamic routing as part of VPN resiliency?

Can the solution support redundant paths? If so, what kind – multiple ISPs, dial back-up?

What redundancy features have been built into the VPN configuration?

What are the mechanisms used to minimize fail-over latency and ensure maximum uptime?

4.Offer ease of use and management.

Are there multiple ways to interact and manage the system?

How easy is it to perform management tasks?

oCan device, network and security configurations be managed using the same interface?

Does the system grant different people in the organization different access privileges?

oHow does the system ensure that people are only accessing what they need to access?

oHow easy is it to set up or change a role to ensure access privileges map to current employee activity?

How quickly can changes be made in a large distributed network?

Are there configuration templates to simplify deployments?

oHow easy is it to customize the template information for specific site deployments?

How easy is it to troubleshoot problems?

oIs there a way to roll back to a previous configuration if changes affect the connectivity of the solution?

How much manual intervention is needed when a VPN connection goes down?

Can firewall policies be easily applied to VPN traffic, without a lot of additional configuration?

How easy is it to add a network to the VPN?

How easy is it to configure complex VPN configurations, such as a hybrid full-mesh and hub and spoke?

5.Enable quick and simple deployment and installation

Are there different options that accommodate administrator preferences for installing and configuring the system?

What kind of platform is the solution running on?

oIs the solution based on a general-purpose platform?

oIs the solution delivered as an appliance for easy deployment?

How easy is it to deploy a device in the field?

oWhat level of technical expertise is required?

oCan it be managed centrally?

Does the solution have a transparent deployment mode that does not require routing changes to the network?

What routing protocols does the solution support?

What networking features does the solution support to facilitate a timely deployment?

How are patches applied?

Copyright © 2004, Juniper Networks, Inc.

7

Image 7
Contents Juniper Networks, Inc Part Number 710008-001 June Table of Contents Introduction Provide strong security Executive SummaryOffer ease of use and management Quick Checklist Offer ease of use and management DNS Detailed Buyer’s ChecklistStrong Security FTPVPN Specific Page Page Predictable Performance RIP Fault Tolerant High Availability, ResiliencyOspf BGPYes, custom VPN Snmp Ease of UseCLI SSHMIB MIPNTP Simple Deployment and Installation Features for Remote Users and Offices