Security Basics mailing list archives
RE: SSL VPN
From: "Optrics Engineering - Shaun Sturby, MCSE" <Shaun () Optrics com>
Date: Fri, 12 Dec 2003 13:27:38 -0700
Hello John, Have you read the recent Lightreading testing results? http://www.lightreading.com/document.asp?doc_id=44442 Eight vendors took part in this evaluation: Array Networks Inc. Aventail Corp. NetScaler Inc. NetScreen Technologies Inc. (Nasdaq: NSCN - message board) Nortel Networks Corp. (NYSE/Toronto: NT - message board) PortWise AB Symantec Corp. (Nasdaq: SYMC - message board) Whale Communications Ltd. The Netscaler did the best under DDoS attack. Shaun -----Original Message----- From: John Canty [mailto:John.Canty () Vibro-Meter com] Sent: Friday, December 12, 2003 5:58 AM To: security-basics () securityfocus com Subject: SSL VPN My question to the populace of this list, is fairly straight forward. First, does anyone have one of these "new fangled" devices, and gone through its setup? If so, Do you see any potential for security problems, that being the case, what are they? I expect to put this thing in the dmz, probably not the way it was originally intended to work, and I also understand the implications of opening up the AD ports to the back end of the DMZ. I feel this risk is minimal due to the ability to remove most other servers from the dmz, and use this appliance/device for most of the user transaction processing. Relay servers will remain in the dmz, but even the comprimise of a relay server has minimal effect as long as it is noticed. Which leads to another question about the vpn appliances, under ideal circumstances I would like to dump its system logs off to a syslog server, has anyone done this? Thank you in advance for your help, //John
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- SSL VPN John Canty (Dec 12)
- RE: SSL VPN Optrics Engineering - Shaun Sturby, MCSE (Dec 15)
- <Possible follow-ups>
- Re: SSL VPN Erik (Dec 15)