In this blog I will discuss a few items that different between FTNT and PANW with regards to VPN clients
1: GlobalProetct uses a portal with a list of various gateways. The gateways are where your SSL or IPSEC VPN clients are terminated to. So think of it as a distributed gateway
Fortinet is manual you have to define each gateway
2: With Globalprotect if you need to use a radius server that is not using the MGMT interfaces and have defined local admins authentications with an existing radius server, you can have service for radius using a data plane interface
For Fortinet you can source the radius server from any interface
3: GlobalProtect does not support Linux/Chrome/mobile devices without a license for globalprotect gateway
FortiGate does not care it supports numerous clients with no additional license
4: GlobalProtect SSL VPN client does not support DTLS
Forticlient, SSLvpn can use TCP or UDP
5: Globalprotect has a fallback from IPSEC ( default ) to SSL if the former has quality issues
Forticlient has no dual-mode fallback
NSE ( network security expert) and Route/Switching Engineer
No comments:
Post a Comment