Migrating To Your “Next Generation” Firewall/VPN/Branch Office Solution.

by pleroux

The Avaya VPN Router (formerly Nortel Contivity) was a great product, and still is for many environments. But is it meeting the demands and expectations of your organization’s remote users? Today’s remote users are using a multitude of different platforms and operating systems such as Windows XP, Vista, and 7, not to mention Apple platforms such as MacOS, iPhones and iPads. And it’s supposed to be your responsibility to manage and distribute the VPN clients? It’s no longer a simple task. And is your Avaya firewall satisfying your security requirements in today’s dynamic and hostile environments? Legacy, port-based, stateful firewalls are no longer relevant with application-based threats trying to pry into your network. Palo Alto Networks SSL-VPN meets the requirements of a mixed-platform mobile workforce with its clientless SSL-VPN solution. And Palo Alto’s next-generation firewall can deliver with its ability to block threats based on application, not just on ports.

But did you know that Palo Alto Networks devices also support IPsec VPN for branch office connectivity? This means that your migration from one enterprise branch office VPN solution to another does not need to be as daunting as it would seem.

Phase 1 would see things as they currently are, with your branch offices and remote users connecting to the existing legacy VPN solution.

Phase 1

Phase 2 would see the integration of a Palo Alto 5000 series device at your organization’s headquarters, with some upgraded branch offices and SSL-VPN remote users connecting back to your HQ using the new infrastructure. Legacy branch offices and remote users would still use their existing infrastructure in parallel.

Phase 2

Phase 3 would see the decommissioning of your legacy core VPN router. Because Palo Alto supports the industry standard for IPsec VPN, your legacy devices and VPN remote users can now be connected to your new Palo Alto solution, affording you the luxury of upgrading your branch offices and remote users over time.

Phase 3

Phase 4 would be the final stage. All branch offices and remote users have been upgraded to the new Palo Alto solution. All legacy devices have been decommissioned.

Phase 4

Conclusion: Upgrading your VPN/firewall infrastructure to your “Next Generation” Palo Alto Networks solution does require detailed planning and logistical considerations. But with the flexibility of the Palo Alto platform and its support for a mixed environment, a seamless migration is possible.

About

Sr. Network Engineer for Combat Networks.
