Firewall Wizards mailing list archives
Re: Why VPNs aren't magic silver bullet solutions
From: "Steve Goldhaber" <goldy () cisco com>
Date: Wed, 30 Aug 2000 11:49:28 -0700
Date sent: Wed, 30 Aug 2000 10:59:32 +0200 From: "Volker Tanger" <Volker.Tanger () globalone net> To: marty <marty () supine com> Subject: Re: [fw-wiz] Why VPNs aren't magic silver bullet solutions
Greetings! marty wrote:VPNs are _very_ useful, if used right. As I said, they're the equivalent of a heavily guarded point-to-point line.but, coming back to my point, where is the pros/cons that will help you decide between application level security and a VPN ??Unencrypted VPNs only increase the number of networks which can be connected via the same backbone. You can connect hundreds of 10.0.0.0/8 networks via the same (unencrypted) VPN-backbone cloud without interferences (except performance). Unencrypted VPN does NOT add any security!
This is not always true. For instance, an IPsec-based VPN authenticates each packet traversing the VPN without encrypting. This keeps anyone from modifying packets or injecting new packets into the system. You can also apply filters at the endpoints. It provides security without secrecy. Steve Goldhaber Cisco Systems goldy () cisco com http://www.cisco.com (303) 444-9532 _______________________________________________ Firewall-wizards mailing list Firewall-wizards () nfr net http://www.nfr.net/mailman/listinfo/firewall-wizards
Current thread:
- Re: Why VPNs aren't magic silver bullet solutions TC Wolsey (Sep 05)
- <Possible follow-ups>
- Re: Why VPNs aren't magic silver bullet solutions Steve Goldhaber (Sep 05)