We are getting ready to add over 200+ sites to our network. We currently have approx 125 sites, all connected via point-to-point T1s (which aggregate into DS3s at the regional cores). The new sites will have sDSL as the local loop, with the goal being to create IPSec tunnels into our network. I am looking for opinions on which would be better to use to terminate the tunnels at the core, a VPN concentrator or a large router with a crypto accelerator card. All of our current traffic is encrypted over the T1s and DS3s, which terminate into 7200 series routers, so I am intimately familiar with the workings of IOS crypto. However, these routers are not exposed to the internet, which this device would be. Any thoughts, ideas, or smart-aleck comments are appreciated!!!