I'm looking for a SSL VPN solution for laptop.
I found Junos Pulse solution but I have many questions about types of authentication supported:
- Is Junos Pulse compatible with Aladdin eToken (with certificate from enterprise PKI) ?
- Is Junos Pulse compatible with OTP (linked to RADIUS) ?
- If users have eToken and OTP, can he choose type of authentication on Junos Pulse GUI?
Junos Pulse is just the client, you need an SA series to terminate the SSL VPN, or you can use IPSec with an SRX series.
SAs are compatable with LDAP, AD, RADIUS, NIS, ACE, SiteMinder, SAML and Certificate Servers, and has its own Anonymous and built in user database.
You can create 2 seperate connections in Pulse, one to use either method, so the user can choose which one one use when connecting, or indeed you can get users to authenticate against both before being able to connect.
Thanks for your answer.
If I understood, SA is compatible with eToken (Certificate) and OTP (RADIUS).
Is Pulse configuration (like the 2 seperate connections) centralized on SA?
I don't want to configure each Pulse client.
Having not worked with either product I cannot say with absolute certainty but if they use the open standards for each technology then they will work.
Yes, the SA can deploy the client pre-configured to the client when the user visits a web page.
If you contact your Juniper sales rep you could possibly organise a trial or they could provide ou with a demonstration.
OTP does not create any problem if it is handled by Radius. so 100% functionality.
the SA does also offer a lot of functionality regarding certificates.
Code Signing Certificates
I would recommend that you'r asking your reseller/distributer for getting a DEMO Box or a DTE version (Virutal / limited to 2 Users - Feature Complete!) so you can do a quick prove of functionality