Any ideas or recommendations? Picking up a Hospice client, going to need a site to site vpn between office,s but also has 30 field units that will need to have a secure vpn to sync patient data. 30 users will not be concurrent. On the cheaper end as well.
![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Navigation
Install the app
How to install the app on iOS
Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
More options
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
SSL VPN Appliance or RSA VPN Appliance?
- Thread starter marley1
- Start date
YeOldeStonecat
[H]F Junkie
- Joined
- Jul 19, 2004
- Messages
- 11,330
Did they ask you to quote out an RSA SecureID setup? I've only seen that used in higher end places, like a few years ago when a girlfriend of mine that worked at Pfizer had to remote in and do her work over Lotus Notes..she had one of those dongles. And a client of mine that is a big accounting firm and does a lot of work transferring huge amounts of money to a bank in England, they use one of those SecureID dongles when they VPN into Barclay.
IMO RSA VPN will be overkill and cumbersome for their nursing staff (look at the average nurse they have over there....now picture how much hand holding will need to be done if you complicate things too much)
Some notes from my Hospice client....
*They usually aren't too tight on their budget, when talking to management/the bean counters, they're about business, so when it comes to spending more up front so they can save money down the road, they'll do it. Remember, they pay their nurses by the house that the nurses bill. So if <something> that you do will speed up the nurses jobs, it will cost your Hospice client less money in the long run because the nurse will get done quicker thus put less time on their timecard.
Example...laptops. My Hospice client runs on Suncoast, which is a heavy program that uses .NET Frame and Progress...both are system intensive. My Hospice client also has 30x remote laptop users. When I first took them on as a client years ago, they had their network behind a Cisco PIX 501. It was pokey, and that damned Cisco VPN client was a pain in the ass to maintain...always blowing up thus causing nurses to call me at nighttime with problems, and I'd have them uninstall it, run a winsock fix, and then reinstall it. So I got fed up with the PIX, and got a Linksys/Cisco RV016. The QuickVPN client worked pretty well for a while, much faster than the PIX, but then after 6 months or more..I noticed that the RV016 itself would start giving quirks with the VPN users, requiring a factory reset and then config restore. Also required VPN client install..which sometimes I needed to do. They told me they were going to be hiring quite a bit more nurses and needed top notch VPN/remote access, so I went right up to a Juniper SA700 SSL VPN appliance. Yup...3 grand...but wow what a great investment. No IPSec VPN client to install, it's browser based and just installs a little java plugin. It's so problem free, and it's wicked fast...you can have a bunch of remote VPN users logged in at the same time and no slowdowns. That part right there is important..no slowdowns, the fact that the VPN tunnels are fast. Remember..nurses are charging Hospice by the hour, the faster they VPN in and replicate their mobile databases, the less in payroll Hospice has to pay. If you have 30x nurses, and each can shave a 1/2 hour or an hour off of their time for the week...do the math! A 3 grand VPN appliance can recoop it's cost very quickly...and start pulling ahead in very short time.
Another thing I got my Hospice to jump on...because it makes financial sense...getting good fast laptops. This month I'm replacing 7x laptops for them, and the laptops that they're replacing are IBM Thinkpad X40 and X60 series...1/2 decent Pentium Ms with 512 and 1024 megs. But Suncoast replication on them often took from 10 to 20 minutes..some of the older X40 models even would take 30 minutes to replicate..and the big part.."process" the information.
Through my upgrades at Hospice....going to the Juniper VPN appliance, upgrading their Comcast pipe to a 50/10 meg pipe, and replacing most of the laptop fleet with brand new Latitudes with C2D, 4 gigs of RAM, and hardware encrypted hard drives (many are SSD now)...they replicate in under 5 minutes....actually most are done in under 1 minute.
So each nurse will replicate at least several times per week. Lets say 4 times per week on the light side. Times 30x nurses. That's 120. Times roughly 30 minutes. That's quite a payroll savings if you add all of that up. The VPN appliance costing 3 grand, each laptop costing 2 grand, your time in setting up each nurse to replicate from home (usually 1 hour setup for my onsite)....even though those costs are high, the recoop for payoff and benefit is short term.
I have nothing but good stuff to say about Juniper...freaking solid and flawless performance, and their support is great, absolutely great. You get a live body quickly, and they're one of the few ones that have called me back on my cell a few times to check on this after you have a case with them.
However at my Hospice I have an Untangle Pro package appliance..and since I've had good luck using Untangles OpenVPN, I may switch over to that for Hospice. Since I have the Pro package of Untangle over there it includes support, and I've also had a great experience with their support.
IMO RSA VPN will be overkill and cumbersome for their nursing staff (look at the average nurse they have over there....now picture how much hand holding will need to be done if you complicate things too much)
Some notes from my Hospice client....
*They usually aren't too tight on their budget, when talking to management/the bean counters, they're about business, so when it comes to spending more up front so they can save money down the road, they'll do it. Remember, they pay their nurses by the house that the nurses bill. So if <something> that you do will speed up the nurses jobs, it will cost your Hospice client less money in the long run because the nurse will get done quicker thus put less time on their timecard.
Example...laptops. My Hospice client runs on Suncoast, which is a heavy program that uses .NET Frame and Progress...both are system intensive. My Hospice client also has 30x remote laptop users. When I first took them on as a client years ago, they had their network behind a Cisco PIX 501. It was pokey, and that damned Cisco VPN client was a pain in the ass to maintain...always blowing up thus causing nurses to call me at nighttime with problems, and I'd have them uninstall it, run a winsock fix, and then reinstall it. So I got fed up with the PIX, and got a Linksys/Cisco RV016. The QuickVPN client worked pretty well for a while, much faster than the PIX, but then after 6 months or more..I noticed that the RV016 itself would start giving quirks with the VPN users, requiring a factory reset and then config restore. Also required VPN client install..which sometimes I needed to do. They told me they were going to be hiring quite a bit more nurses and needed top notch VPN/remote access, so I went right up to a Juniper SA700 SSL VPN appliance. Yup...3 grand...but wow what a great investment. No IPSec VPN client to install, it's browser based and just installs a little java plugin. It's so problem free, and it's wicked fast...you can have a bunch of remote VPN users logged in at the same time and no slowdowns. That part right there is important..no slowdowns, the fact that the VPN tunnels are fast. Remember..nurses are charging Hospice by the hour, the faster they VPN in and replicate their mobile databases, the less in payroll Hospice has to pay. If you have 30x nurses, and each can shave a 1/2 hour or an hour off of their time for the week...do the math! A 3 grand VPN appliance can recoop it's cost very quickly...and start pulling ahead in very short time.
Another thing I got my Hospice to jump on...because it makes financial sense...getting good fast laptops. This month I'm replacing 7x laptops for them, and the laptops that they're replacing are IBM Thinkpad X40 and X60 series...1/2 decent Pentium Ms with 512 and 1024 megs. But Suncoast replication on them often took from 10 to 20 minutes..some of the older X40 models even would take 30 minutes to replicate..and the big part.."process" the information.
Through my upgrades at Hospice....going to the Juniper VPN appliance, upgrading their Comcast pipe to a 50/10 meg pipe, and replacing most of the laptop fleet with brand new Latitudes with C2D, 4 gigs of RAM, and hardware encrypted hard drives (many are SSD now)...they replicate in under 5 minutes....actually most are done in under 1 minute.
So each nurse will replicate at least several times per week. Lets say 4 times per week on the light side. Times 30x nurses. That's 120. Times roughly 30 minutes. That's quite a payroll savings if you add all of that up. The VPN appliance costing 3 grand, each laptop costing 2 grand, your time in setting up each nurse to replicate from home (usually 1 hour setup for my onsite)....even though those costs are high, the recoop for payoff and benefit is short term.
I have nothing but good stuff to say about Juniper...freaking solid and flawless performance, and their support is great, absolutely great. You get a live body quickly, and they're one of the few ones that have called me back on my cell a few times to check on this after you have a case with them.
However at my Hospice I have an Untangle Pro package appliance..and since I've had good luck using Untangles OpenVPN, I may switch over to that for Hospice. Since I have the Pro package of Untangle over there it includes support, and I've also had a great experience with their support.
Recently put in a Juniper SA700 here at work. I was going to mess around with putting Dynamic IPsec VPN licenses on my Juni SRX240's but the SA700 was a good deal, and works great. I had it up and running in a day. (although it took for effing ever to get the licenses provisioned, but that was more of a distributer issue, not really junipers fault)