Where Do I Start?

vern.saunders · ‎12-26-2000

I have 5 geographically dislocated offices that each have their own Internet connection. The customer is in the banking industry and needs to be able to securely communicate between each of the five offices. Each office currently has it's own Firewall and associated rule set. I would like to do IPsec and 3DES for this customer and implement a central firewall policy server at the HQ office. Where do I start?

mfistler · ‎12-28-2000

Vern,

I’m going under the assumption that each of the firewalls currently installed are Cisco PIX firewalls. If they are PIX firewalls it’s pretty simple to implement a 3DES secure VPN from each site to each other. Before you start there are going to be a bunch of question that you need to supply your self with answers first before you start.

At least my initial question were:

I recommend reading up on IPSEC first. There is nothing worst that trying to implement something without knowing all or your options; such as do I use pre-share or a PKI infrastructure.

Cisco VPN Introduction:

http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/vpn.htm

How do I manage this?

I’ve been playing with the Cisco secure policy manager, and so far I like it.

Try this link, they also have a 30 day eval.

http://www.cisco.com/warp/public/cc/pd/sqsw/sqppmn/

How do I configure this?

Follow this link, more that enough information here to get you in trouble. The examples have really good example scenarios and explanations.

http://www.cisco.com/warp/public/700/configsec.html

Which products should I use?

You all ready have the firewalls, the only thing you have to do is provide a management platform.