
SSL VPN and non-domain devices

Good Morning - if this has been answered somewhere else, please direct me to that location.

My organization currently uses a Cisco VPN concentrator where non-domain devices (laptops, iPads, Windows tablets) connect via username/password (happens to be the same credentials as their AD). From that device they then RDP into a designated PC (using their AD credentials) that is only used for VPN connectivity. From there they then get to navigate to file shares and other internal applications based on their domain access and the software on that PC - all through a wonderful RDP session. Needless to say, from an operations and security standpoint, this is horrible.

We recently partnered with an MSP for data center hosting and the offering included a Sophos XG virtual FW. While I am not ready to let the IT team replace our perimeter firewall with the XG, I know we can create a MUCH better VPN experience for our users. The XG is currently in between our Cisco ASA and datacenter/enterprise environment - it is inline, has AD integration, but is not making major decisions.

What I would like to see is our IT team get rid of the concentrator and utilize the XG for VPN access. They say it cannot be done because our mobile devices are non-domain. I say bull.

Would there be any reason we could not utilize the XG in the above situation to provide a better, more secure VPN experience?

Thank you for taking the time to read my mini-novel.



This thread was automatically locked due to age.