blowdart wrote:
ZippyV wrote: I don't get this: Windows supports vpn connections but we still have to install another vpn client. Why?
Because the MS VPN client is rather limited. It doesn't support certificates as authentication, or SecureID or any of the other myriad of tokens out there. It only does PPTP and IPSEC L2PTP (and the IPSec setup is preshared key, and used to be a royal pain to setup).
The OS out of the box client certainly supports certificates - I vpn'd into work this evening using 2 factor auth; username/password plus smartcard w/certificate and PIN. This has been in place from w2k. SecureId isn't really a vpn client, it is an add-on which sits on top of real vpn clients. IAS/RADIUS integrates with this from a wintel perspective.
As for why install another vpn client - I have worked with a few dozen different companies deploying remote access solutions. All but a small few had 2 factor auth, certificates, or alternate protocols. This is not generally the rationale behind having another client installed. It is (in my experience) a decision driven by the people who own the 'edge', typically the network support guys. They use Cisco all the time, so to them it is a default choice to use a Cisco client. At the end of the day, vpn clients are all very very similar now - there is little to differentiate them from a feature perspective. The decision is based on vendor relationship and support options.
