[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now


WatchGuard Firebox III 1000 and Nokia IP130

Posted on 2005-04-22
Medium Priority
Last Modified: 2011-09-20
WatchGuard Firebox III 1000 and Nokia IP130

Currently I have a WatchGuard Firebox III 1000.  What I need to do is drop a Nokia IP130 SSL VPN appliance into my network

I know someone is probably wondering why I am adding the Nokia VPN appliance when the WatchGuard Firebox offers a VPN solution.  Well the reason is that we are in health care so I need the most secure tunneling so I choose SSL over IPsec.

What I am hoping for is someone with either direct experience or just over all skills to give me some help; insight or direction has to how to do this.
Question by:dclima
1 Comment

Accepted Solution

scdavis earned 2000 total points
ID: 13850699
SSL via IPSec..?

Health care, finance or any other data-sensitive industry..  that seems like overkill to me.

If you're determined to do that -- just think through the connections and I suspect you'll answer your question for yourself.  

IPSec is generally site to site (office to office)  -- so something establishes an IPSec tunnel to your existing Firebox.  (be it either an application on the 'client' machine.. or another FireBox servicing an office, yes?)

IPSec encryption is generally "more than sufficient".  You've go to consider where the traffic originates from and where it is destined.  If you are using software on PCs -- and they land the session at your Fire 1000, you've got to physically secure all the ethernet BEHIND the firebox to make this effective.

Putting SSL into a strong encryption/authentication tunnel is redundant.

Sure, the defense in depth argument can be applied -- and if you have the time and money -- knock yourself out.

Just pay attention to where the traffic gets encrypted and de-crypted, eh?

-- Scott.

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Greetings, Experts! First let me state that this website is top notch. I thoroughly enjoy the community that is shared here; those seeking help and those willing to sacrifice their time to help. It is fantastic. I am writing this article at th…
Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question