Security Basics mailing list archives
Re: Teleworking
From: JGrimshaw () ASAP com
Date: Thu, 13 Nov 2003 11:21:53 -0600
I didn't realize you were actually looking for a reply until you sent the second message. Since he never mentioned firewalls to begin with, just VPNs, I stuck with just the VPNs. But yes, it would be a good idea to implement some sort of client firewall. I think he needs to solve his VPN issues first, though! It is a bit of a chicken-or-the-egg proposal, which to deploy first--but he seems focused on VPNs at the moment. Ramsy <ramsyl () itsecure com> 11/11/2003 11:04 PM To David Lanagan <DLanagan () sterlinginsurancegroup com> cc JGrimshaw () ASAP com, security-basics () securityfocus com Subject Re: Teleworking Hi What about a firewall ? VPN with out a firewall can be hole! Sonicwall box has inbuilt vpn and firewall capabilities and good performance Regards Ramsy JGrimshaw () ASAP com wrote:
You could always allow for a Cisco router at the employees home; a DSL
or
cable router in the 800 series of routers would work, with the option of
a
hardware VPN accelerator. Some models have a four-port switch installed, and you can configure the router to allow only specific MAC addresses to connect via the VPN
tunnel.
So, Bob from Accounting can connect from his work issued laptop,
without
any client installed on it (and as such, would never need updating) and
he
can connect his printer to the switch, have a wireless home network
access
point hooked up and the rest of his family--but only his laptop would touch the tunnel (or if you prefer, his printer too). The tunnel can connect to a PIX or a router at the business. If VoIP was deployed, you cannot use QoS on the PIX, but you could on
the
router. So, if a scheduled backup job kicked off when the employee was connected, VoIP would suffer if you terminated the tunnel on a PIX. But if its a router-to-router connection, you could configure for VoIP
traffic
to receive priority. "David Lanagan" <DLanagan () sterlinginsurancegroup com> 11/10/2003 04:39 AM To <security-basics () securityfocus com> cc Subject Teleworking I'm about to embark on a teleworking project and would like to ask you guys the following... I was going to be using Cisco-based 3des VPNs out to clients who will
use
the vpn client s/w loaded on their machines, an adsl connection and
citrix
for a remote desktop. I was going to employ a securID or similar box to provide additional security. Could anyone out there recommend any other options? I want the
connection
to be very secure and allow for a concurrent usage of up to 50 clients coming in at any one time. Your help will be much appreciated... Regards, Dave. ________________________________________________________________________ Dave Lanagan Lead - Infrastructure Development Tel: 020 8334 1548 Fax: 020 8948 0161 Mail: dlanagan () sterlinginsurancegroup com The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of anyaction in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer. The views expressed in this message do not necessarily reflect those of Sterling Insurance Group Ltd or any of its subsidiary companies.
---------------------------------------------------------------------------
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE The Presidio integrates PGP data encryption and XML Web Services
security
to simplify the management and deployment of PGP and reduce overall PGP
costs
by up to 80%. FREE WHITEPAPER & 30 Day Trial - http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027
----------------------------------------------------------------------------
---------------------------------------------------------------------------
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE The Presidio integrates PGP data encryption and XML Web Services
security to
simplify the management and deployment of PGP and reduce overall PGP
costs
by up to 80%. FREE WHITEPAPER & 30 Day Trial - http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027
---------------------------------------------------------------------------- -------------------------------------------------------------- I T Secure, Mumbai, India --------------------------------------------------------------------------- Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE The Presidio integrates PGP data encryption and XML Web Services security to simplify the management and deployment of PGP and reduce overall PGP costs by up to 80%. FREE WHITEPAPER & 30 Day Trial - http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE The Presidio integrates PGP data encryption and XML Web Services security to simplify the management and deployment of PGP and reduce overall PGP costs by up to 80%. FREE WHITEPAPER & 30 Day Trial - http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 ----------------------------------------------------------------------------
Current thread:
- Teleworking David Lanagan (Nov 10)
- Re: Teleworking Steve (Nov 10)
- Re: Teleworking JGrimshaw (Nov 11)
- Re: Teleworking Ramsy (Nov 13)
- Re: Teleworking JGrimshaw (Nov 14)
- Re: Teleworking Ramsy (Nov 13)
- Re: Teleworking teemu schaabl (Nov 17)
- <Possible follow-ups>
- RE: Teleworking Joshua Vince (Nov 10)
- RE: Teleworking Gunn, Jeff (Nov 10)
- RE: Teleworking Charles Mitchell (Nov 13)
- RE: Teleworking Gunn, Jeff (Nov 13)
- Re: Teleworking Carl_Foote (Nov 16)
- Re: Teleworking David Lanagan (Nov 17)