Security Basics mailing list archives
Re: Internal VPN Connections
From: "D.N.Vaidya" <dnvaidya () rilinfo net>
Date: Mon, 12 Sep 2005 22:13:18 +0530
One suggestion: Internet | | |Servers Core Router/Switch<--------------->Firewall/VPN Device<-------->L2/L3Switch<---->|Servers |Servers If VPN device and firewall are seperate then put the VPN device after firewall before servers. I have assumed here that you want to allow the authorized users to connect to your servers from the Internet via the Internet. Hope this will add some value Sincerely, D. N. Vaidya ( //)) //\\// \\// ) "The information in this mail is confidential and is intended solely for the addressee. Access to this mail by anyone else is unauthorized. Any copying or further distribution beyond the original recipient is not intended and may be unlawful. The opinion expressed in this mail is that of the sender and do not necessarily reflect that of Reliance" ----- Original Message ----- From: "Cam Fischer" <camfischer () gmail com> To: <security-basics () securityfocus com> Sent: Sunday, September 11, 2005 9:59 PM Subject: Internal VPN Connections
I am looking for advise / thoughts on if I should plug the internal side of my VPN device into my core network or not? I am reading that I should be doing VPN quarentining (to ensure there is AV installed on the machine etc). But is there a risk plugging into the core switch with all my servers, or should I plug into a seperate network? Internet | | VPN Device -------------> CORE NETWORK <----------SERVERS | Switch | Other workstations Am I more vulnerable doing this? CF
Current thread:
- Internal VPN Connections Cam Fischer (Sep 12)
- Re: Internal VPN Connections D.N.Vaidya (Sep 12)
- <Possible follow-ups>
- Re: Re: Internal VPN Connections sf_mail_sbm (Sep 16)