> No, this will be another means to set up secure channels between end
> systems, such as a client-to-firewall or desktop-to desktop. Tunneling can
Technology vs. Cost and Market. Take a guess who is going to win.
1)MS is 90% of the desktop market and after NT squishes Novell, MS will
also be 90% of the NOS market.
2)PPTP is FREE!!!! and sort of works
3)PPTP is backwards compatible with deployed PPP clients(when used with PPTP
ISP), so no deployment admin costs
4) With compatible ISP terminal servers, there is NO modification to
client software. Have you ever tried to load foreign networking
stacks (i.e. firewall VPN stacks)
on a 10,000 WindBlows machine and enjoyed it? If so I know about 1,000
MIS managers that would want to hire you.
5) Now, tell me again why I need yet-another-VPN-client?
1) I need a VPN client to telnet to my firewall.
Ok, that will sell about 100 clients
2) I need VPN client to get mail off of my 10%-of-NOS-type mail server.
OK, thats about another 1,000 clients
3)MS security authentication sucks because key generation is via
OK thats about another 1,000 clients (commercial market, but
government may be tons)
4)PPTP routing sucks (as per Russ Cooper)
OK thats about another 100 clients who want to pay $100/client to
see www.playboy.com smoother and faster.
Summary: i just don't see why anyone would spend $100-$150/client
just for IPSEC. Ok, there is a niche market for the
security-noids,10%-noids, telnet-to-firewall-noids but can firewall
vendors make a living at it?
If anyone wants to shed more light on this topic, I am all ears (and
so are several of my clients).