North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
On Tue, 16 Jan 2001, Dave Wardle, Critical Networks, Inc. wrote: > Date: Tue, 16 Jan 2001 18:48:31 -0800 (PST) > From: "Dave Wardle, Critical Networks, Inc." <firstname.lastname@example.org> > To: email@example.com > Subject: IPSectarianism > > > Is anyone on the list aware of Service Providers (ISP/NSP...) who DO > block IPsec traffic, with or without informing their customers or peers? > I used to work for an ISP (http://www.pilot.net) who blocked *all* traffic except that specifically asked for, in the interests of security. This was spelled out in the sales contract, and in fact was a prime selling point. (I ipened a lot of pinholes in a lot of firewalls for IPsec.) I imagine there are other ISPs who do the same. >From a customer standpoint, where I am now, I would never sign on with an ISP/NSP who filtered *any* traffic. I can manage my own firewall thank you very much. I pay them for network access, to get my packets from me to elsewhere and back, not to be my guardians. > I'm trying to assess the pros and cons of major Enterprise Customers > basing their entire remote office/small office/mobile network access > strategy on some type of IPsec based VPN solution. > I've been very happy with Cisco's IPsec VPNs from PIX to PIX. They're reasonably stable, very easy to set up, and since I'm not the one paying 12 grand + for what amounts to a 2-year-old desktop box running modified IOS, their price is right. Oftentimes clients simply say "Cisco? Cool, here's some money." Only caveat being, you really need the failover. Mobile, I can't help you, sorry. > Any thoughts? > > Cheers > Dave > > ------- > Dave Wardle, Principal Consultant > Critical Networks, Inc. > ------- > Email: firstname.lastname@example.org > Homepage: www.criticalnets.com > ------- > Cell: 831 332 1021 > Tel: 831 662 1710 > Fax: 831 662 1710 > ------- > >  Please no snide comments about my current provider, I am not too pleased with them for exactly the reason you're thinking and am discussing other options with my supervisor.