Remote Access - Design

jeanpaul.cisco
Level 1

Hello

The business requirement is to ensure remote access service is available for 400 users with around 75 concurrent. The solution should be scalable to support around 600 users max with 150 concurrent users. The remote access solution should support:

  • 2008 Active Directory integration
  • different levels of access to be provided to users, i.e. only allow email access, allow full access, allow SAP access
  • all activity should be logged, i.e. who, when logged in / logged out, passed authentication / failed authentication
  • ensuring users access the VPN from a corporate laptop only

Appreciate getting feedback on what hardware / software is needed to cover the requirement.

thanks

Jean

4 Replies

Marwan ALshawi
VIP Alumni

Check the data sheets of the Cisco ASA 5520 and ASA 5525-X.

Both can provide up to 750 VPN remote access using any connection client or clientless using web/SSL.

And for sure you can get logging and AD integration.

Hope this helps.

Thanks for the response.

What license should we purchase for the ASA to facilitate Web/SSL and the AnyConnect VPN client?

Do we need to pay for client software based on users?

For authentication, authorization and logging, which tool is recommended?

Thanks

Jean

When you purchase the ASA you can specify the VPN type you want with the amount of licenses.

The ASA can integrate directly with AD, or you may use Cisco ACS to integrate with the ASA, and ACS can communicate with your AD for authentication.

Logging can be sent from the ASA to any software you might have; you can research this.

HTH

shillings
Level 4

Hi Paul, you might consider some of the new cloud security offerings that tie in with the ASA 5500 and 5500-X platforms. For example, Cloud Web Security (CWS) can inspect HTTP and HTTPS traffic for both your corporate users and remote users. It includes anti-malware and a couple of AV scanners.

Remote machines utilise a split tunnel, where all web traffic is forced through Cisco's Scansafe cloud and all corporate traffic is routed to the head-end ASA.

You'll need version 9.x software. CWS is per-user licensing, so offers granular pricing.

The only catch is that I'm pretty sure remote users require the more expensive AnyConnect Premium per-user licensing, instead of the cheaper AnyConnect Essentials per-platform licence. But check, as I'm not 100% sure from memory.