Hi,
i'm looking for a device that acts as a IKEv2 CPE in a global Deployment with 1000+ sites.
The job is simple:
- Get basic IPv4/v6 Connectivity from internet CPE
- load a basic configuration and RSA Certificate from USB or Cloud-Based Controller
- Establish a IKEv2 Dynamic VPN to regional Hubs with BGP-based Route propagation
The Vendor shoud be able provide Hardware support on a global coverage with maximum 24h HW Replacement. There should be some sort of central Software and Configuration management. As little Scripting/Own development as possible.
Currently my plan is to deal with Cisco ISR1011 or ISR921 in combination with an eToken solution. OK with routing capabilitys, global support and best known Platform in my operations unit. Unfortunately worst Price/IPSEC-Performance and quite expensive management-appliance (DNA-Center)
Another idea is to use Fortinet 40F in combination with a Fortimanager as Controller... very good Price/Performance and Feature richness... but Fortimanager software is a PITA for me and large Deployments are really hard (nearly impossible) to handle.
SRX300 could be a solution in combination with Junos Space Network Director, but i have no experience with this Management Software. Any comments on this?
Any other Ideas here?
No comments:
Post a Comment