Problem: The rules at the firewalls became non-transparent and confusing.  

Solution: We negotiated with our client in many steps concerning the reachable goals, and scanned the usage of the actual rules. As a result of the successful communication the control-system was totally redesigned, and IP addresses regard to the new organization were distributed. Configuration was done keeping the system alive, and was introduced after testing. 

Problem: Configuring client-based remote VIP access 

Solution: With the help of the identificaton service of Microsoft Active Directory address list used by our customer, we built up a secure remote access, easy to administer. We made possible to use client profiles using the firewall devices’ local identification, and 3rd party VPN client profiles (Shrewsoft) as well.  

Problem: More effective usage of the redundant internet accesses, building up redundant S2S VPN channels.

Solution: During the survey and the discussion we realized that the most important aspects are simplicity and transparency of the settings. That’s why we decided that in place of the difficult to configure policy based routing not appearing in the routing tables, the logical conventional routing was constructed taking the bandwidth and the availability of the internet accesses also into account. Based on the same aspects we built up the VPN channels connecting the premises.