VPN for *DSL/CableModem Users

["Michael C. Ibarra" <ibarra () hawk com>]

Hello:

 I've been asked to perform the horrible task of allowing
 in remote/home internet connections into a corporate LAN.
 The firewall/s in question are a FW-1 and IPFilter (separate 
 machines) combo. The pipe decided upon was either DSL or 
 cable modems, based of course on availibilty. The present
 method is an isdn/SecureID/dialback method. The present
 corporate policy allows no inbound traffic from the inter-
 net and allows a limited outbound connections, mainly http.
 My feeling is that users, unable to reach their AOL/Napster/
 whatever type of services could place a modem into these home
 PC's, corporate owned but that doesn't matter, making that
 box an insecure gateway or transfer point for a virus to the
 corporate network. VPN's IMO would do little to protect a 
 machine which has a greater chance of becoming compromised,
 besides breaking corporate security policy since all non-VPN
 connections would probably allow those same services not 
 normally allowed in the office. My question, and thank you
 for reading this far, is what VPN software and/or hardware
 is recommended and what can be done to enforce the present
 corporate policy (aside from asking users to sign an agreement).

Thank you all,

-mike


        
          The information contained in this message 
           is not necessarily the opinion of Hawk 
                   Technologies, Inc.


_______________________________________________
Firewall-wizards mailing list
Firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards