Educause Security Discussion mailing list archives
Re: Persistence IPSEC tunnel with Vendor
From: "Barton, Robert W." <bartonrt () LEWISU EDU>
Date: Mon, 4 Apr 2016 13:05:02 +0000
Morning, I have done this before. - We did not allow access to or send them DNS information. - We firewalled the connection. - We limited the connection speed. - They had to sign/follow OUR agreements on disclosure/NDA, password policy, and AUP. - We used NATting to hide the internal and external IPs. Robert W. Barton Director of Information Security Lewis University One University Parkway Romeoville, IL 60446-2200 815-836-5663 -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Yost, Davis Sent: Sunday, April 03, 2016 6:41 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Persistence IPSEC tunnel with Vendor Has anyone been asked to setup a IPSEC VPN tunnel with a vendor? I have been asked to offer this service to a vendor and I'm currently denying this request. I would like to hear from other Security professionals to see if I'm being too strict. They are requesting a tunnel to our network and connecting to a SQL database which currently is a server on our Administrative network. If you have allowed this type of connection, do you have any security agreements that you require them to sign prior to making the connection. Thank you, Davis Davis Yost, CISSO Associate Director, Security and Networks yost () northwood edu<https://mail.northwood.edu/owa/redir.aspx?REF=oqO2_kyiMN1omZ5rmTRk27bO-2oABzTyz7JSSeEg-DKjSX8kGVzTCAFtYWlsdG86eW9zdEBub3J0aHdvb2QuZWR1> 989.837.4185 office 989.837.4184 fax Developing Leaders of a Global Free-Enterprise Society This message (including any attachments) is intended only for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, privileged, confidential, and exempt from disclosure under applicable law or may constitute as attorney work product. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, notify us immediately by telephone at (815)-836-5950 and (i) destroy this message if a facsimile or (ii) delete this message immediately if this is an electronic communication. Thank you.
Current thread:
- Persistence IPSEC tunnel with Vendor Yost, Davis (Apr 03)
- Re: Persistence IPSEC tunnel with Vendor Barton, Robert W. (Apr 04)