Solved

Should i use VPN over a leased line for HQ & Branch

Posted on 2011-09-25
5
383 Views
Last Modified: 2012-05-12
Dear All

Background
HQ:


HQ Network
SSG140
    |
    |  2M Leased Line
    |
SSG5
Branch Office Network

I used Site to Site VPN to Successfully connected both Networks. (It is working ok).
I know that instead of VPN, i can create route between networks & consider the things between 2 firewall a cable.  

--------------------------------------
My questions is
Anything else that i should pay attention to?????
Any Advantage or Disadvantage of using VPN here?????
How much overhead of VPN over direct routing????

Experts, please kindly share your experience?

0
Comment
Question by:Gordon Tin
  • 2
  • 2
5 Comments
 
LVL 90

Accepted Solution

by:
John Hurst earned 250 total points
ID: 36595041
The second approach (2 firewalls) leaves your network open to attack at both ends because the traffic is public.

The first approach (VPN) ensures the traffic between sites is closed and encrypted and is much (much) more secure than the first approach. This approach (VPN) is a very common way to hook up two sites because of the overall security offered.

.... Thinkpads_User
0
 
LVL 10

Assisted Solution

by:ujitnos
ujitnos earned 250 total points
ID: 36595476
If you have a leased line between your HQ and branch, then there is no need for a VPN setup. VPN does provide extra security to the data being transferred, but in your case the HQ and Branch can be considered as a WAN setup. Now as this leased line is just for your use, there wont be any other company's traffic through it. Configure rules in the firewall to allow only specific and relevant ports for communication and you should be safe enough.

 
0
 

Author Closing Comment

by:Gordon Tin
ID: 36940195
Good Support
0
 

Author Comment

by:Gordon Tin
ID: 36940196
good Support
0
 
LVL 90

Expert Comment

by:John Hurst
ID: 36941876
Thank you. I was pleased to help.   ... Thinkpads_User
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now