What would you suggest for VPN for smaller offices (lower cost) (i.e. medical or legal offices.) I'm currently...
looking at Linux type solution - any thoughts? In looking at lower-cost VPN alternatives, it's important to look at the entire picture -- much of the cost of VPNs comes from the ongoing management. There is no question that effective Linux-based solutions can be realized with minimal hardware and software cost. Linux-based VPN software (such as FreeS/WAN) is powerful and secure. The challenge of configuration and maintenance of these solutions, however, is beyond many people's ability, or willingness to learn.
A great deal depends on what kind of VPN services are required: office-to-office connectivity, or remote access via the Internet? How will access control be managed? How often will authentication materials be changed? How dynamic is the user population? Do IP addressing conflicts exist, and how will they be resolved? How many different OS platforms? How will security policies be enforced? How will security breaches be detected and remediated? If the environment will be relatively unchanging, once established, a Linux-based solution may be well suited.
Shameless plug: It might be worth considering a managed service provider that provides a complete security solution. OpenReach, the company I work for, provides one such solution, which we believe is well-suited to the needs of organizations such as those you describe.
Dig Deeper on Network Access Control
Related Q&A from Jack Keane
Our VPN expert answers the questions: What is the VPN Box? What is the relation between VPN Box and VPN module on the router? Continue Reading