Thanks in advance for your advice
We have to implement VPN connection for nearly 7 countries
Option 1 :
As we have private MPLS link to all 7 countries. It is been outsourced Third party.
- They provide VPN with 2FA with a extra cost. But challenge is it opens up access to all countries.
- Managed by Third party, Every change request depends on them
- Thinking that it might be challenge to manage in terms of security and compliance
- though we have a option of creating access list to restrict access to their respective countries. i beleive its challenge for security becuase some of the countries may be PCI compliant and do different projects.
- Is it possible to monitor through the local FW or IPS?
OPTION 2:
- Every country has their own FW(ASA or Fortigate)
- Can we create VPN in the respective FW? Is it advisable than VPN through MPLS?
- Is the VPN free for the Fortigate and ASA?. Is there any limitations?
- I believe its easy and have more control to implement VPN in the respective countries
- As they will have access only to the particular zone (country)
- It will be useful for future projects in terms of compliance.
As usual, please provide your highly valuable comments/answers/opinion. Which is the best way to go
Aucun commentaire:
Enregistrer un commentaire