if you are using windows

James Baldwin · ‎08-25-2016

Hi folks,

What you people suggest as a solution for a locked-down, secure point-to-point connection between two Windows systems across a corporate network.

Only a specific machine should be able to connect to the other machine over an encrypted network, with a limited set of protocols enabled.

Would a pair of ASA 5505s help?

Many thanks,

James

Terence Payet · ‎08-25-2016

HI,

For a small deployment like this. You don't need ASA. You can use two normal routers with security feature and use ipsec to encrypt your data.

Unless you have some spare ASA's lying around in which you are not using :).

HTH.

Please rate helpful post.

Regards,

Terence

James Baldwin · ‎08-25-2016

Thanks Terence,

If I couldn't rely on my corporate routers, etc and had to perform that router end-point configuration myself, what kind of hardware (most economical) would you recommend, please?

You mean the router would encrypt the traffic between routers? Could we do something on the windows servers so that the data is encrypted before it hits the wire? windows IPsec? AnyConnect?

Cheers!

James

Terence Payet · ‎08-25-2016

Hi James,

Yes the routers will encrypt your data using ipsec.

But you can go towards windows as well.

Have a look at this http://www.techrepublic.com/article/create-an-ipsec-tunnel-directly-to-a-remote-windows-server/

Although I haven't use windows before.

Or else you can go towards linux if you are fluent with it.

HTH.

Please rate helpful post.

Regards,

Terence

pjain2 · ‎08-25-2016

if you are using windows machines, you can have a headend and configure l2tp/ipsec to encrypt the data between two endpoints.

Point-to-Point Secure Connection