RE: Opinions on VPN?

["Dendeni, Iyes" <Iyes_Dendeni () NAI com>]

There are several ways to implement VPN links, and as Fred noted earlier,
you can always implement a VPN link to stop at the firewall door-step and
require further inspections of the packets. 

The real benefit of VPNs is cost savings as an alternative to leased lines
WANs , and protecting your data from outsiders while packets travel over the
Internet. Keep in mind that VPNs are the most efficient way if not the only
way to prevent against IP hijacking/sequence guessing/man-in-the middle
attacks.

--Iyes.

> -----Original Message-----
> From: Jan B. Koum [mailto:jkb () best com]
> Sent: Saturday, April 17, 1999 9:26 PM
> To: firewall-wizards () nfr net
> Subject: Opinions on VPN?
>
>
>       Hi folks,
>
>       Just wanted to find out what other people opinion on 'VPN' as a
> general idea? IMHO, the person who came up with the VPN idea should be
> shot, because in most cased all VPN do is create entry points into your
> network (in most cased right past the firewall and some times in the
> hear of your network). They also give admins false sence of security:
> the data is encrypted. But if 'rm -rf /' or 'cp porn.html index.html'
> command -- so what?! That command (traffic) is still there!
>
>       Am I alone in the opinion that VPN mostly suck or is it just
> because I tend to run into a lot of misconfigured cisco routers which
> do encrypt data, but also route packets from others into your net :(
>
> -- Yan