Here's our network configuration:
1.) GTE and SpecNet T1 lines go to a Cisco 7010 Router.
2.) From there, an Ethernet connection is made to a PIX 10000 Firewall.
3.) Two internal connections are made (both via Ethernet) : One to a DMZ,
where hosts serving web pages and mail WILL eventually reside, and the second, to our core campus switch, currently a Bay Accelar 1200 series.
4.) From there, IP is routed to numerous desktop switches (at least one in
each building, most being Bay 350's and 450's.)
As for the changes currently underway, the plan is to exchange the 350 and 450 desktop switches with Cisco 2900 and 3500 series desktop switches, the 7010 router gets replaced by a newer Cisco 7204VXR Router, and the core campus switch (Accelar) gets replaced by a Cisco Catalyst 6509 switch. Also likely is that the PIX 10000 will be replaced next year by a PIX 540 or newer model.
We want to add a hardware VPN box to this mix that will authenticate with a Windows NT/2000 directory service. The VPN box will be used probably by 20-25 clients at a time (a 50 user capable box should be more than sufficient). I'm looking for recommendations on what brand to go with. Naturally, as we move towards Cisco (and newer Cisco products) that seems like the logical solution, but I want other opinions and options and specific model recommendations. Further, the device should have client side software that essentially splits the connection - where data destined for our network goes to our network but other data comes from their standard internet connection (cable modem, DSL, modem, etc) - I'll give 50 points to each person who contributes significantly (separate questions for each person).