Security Basics mailing list archives

Re: Teleworking

From: Ramsy <ramsyl () itsecure com>
Date: Wed, 12 Nov 2003 10:34:47 +0530

Hi

What about a firewall ? VPN with out a firewall can be hole!
Sonicwall box has inbuilt vpn and firewall capabilities and good performance

Regards
Ramsy

JGrimshaw () ASAP com wrote:

You could always allow for a Cisco router at the employees home; a DSL or
cable router in the 800 series of routers would work, with the option of a
hardware VPN accelerator.

Some models have a four-port switch installed, and you can configure the
router to allow only specific MAC addresses to connect via the VPN tunnel.
 So, Bob from Accounting can connect from his work issued laptop, without
any client installed on it (and as such, would never need updating) and he
can connect his printer to the switch, have a wireless home network access
point hooked up and the rest of his family--but only his laptop would
touch the tunnel (or if you prefer, his printer too).

The tunnel can connect to a PIX or a router at the business.

If VoIP was deployed, you cannot use QoS on the PIX, but you could on the
router.  So, if a scheduled backup job kicked off when the employee was
connected, VoIP would suffer if you terminated the tunnel on a PIX.  But
if its a router-to-router connection, you could configure for VoIP traffic
to receive priority.

"David Lanagan" <DLanagan () sterlinginsurancegroup com>
11/10/2003 04:39 AM

To
<security-basics () securityfocus com>
cc

Subject
Teleworking

I'm about to embark on a teleworking project and would like to ask you
guys the following...

I was going to be using Cisco-based 3des VPNs out to clients who will use
the vpn client s/w loaded on their machines, an adsl connection and citrix
for a remote desktop.

I was going to employ a securID or similar box to provide additional
security.

Could anyone out there recommend any other options?  I want the connection
to be very secure and allow for a concurrent usage of up to 50 clients
coming in at any one time.

Your help will be much appreciated...

Regards,

Dave.

________________________________________________________________________
Dave Lanagan
Lead  - Infrastructure Development
Tel: 020 8334 1548
Fax: 020 8948 0161
Mail: dlanagan () sterlinginsurancegroup com

The information transmitted is intended only for the person or
entity to which it is addressed and may contain confidential
and/or privileged material.  Any review, retransmission,
dissemination or other use of, or taking of anyaction in reliance
upon, this information by persons or entities other than the
intended recipient is prohibited. If you received this in error,
please contact the sender and delete the material from any
computer.  The views expressed in this message do not necessarily
reflect those of Sterling Insurance Group Ltd or any of its
subsidiary companies.

---------------------------------------------------------------------------
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services security
to
simplify the management and deployment of PGP and reduce overall PGP costs

by up to 80%.
FREE WHITEPAPER & 30 Day Trial -
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027
----------------------------------------------------------------------------

---------------------------------------------------------------------------
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services security to
simplify the management and deployment of PGP and reduce overall PGP costs
by up to 80%.
FREE WHITEPAPER & 30 Day Trial -
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027
----------------------------------------------------------------------------



--------------------------------------------------------------
I T Secure, Mumbai, India




---------------------------------------------------------------------------
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services security to 
simplify the management and deployment of PGP and reduce overall PGP costs 
by up to 80%.
FREE WHITEPAPER & 30 Day Trial - 
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 
----------------------------------------------------------------------------

Current thread:

Teleworking David Lanagan (Nov 10)
- Re: Teleworking Steve (Nov 10)
- Re: Teleworking JGrimshaw (Nov 11)
  - Re: Teleworking Ramsy (Nov 13)
    - Re: Teleworking JGrimshaw (Nov 14)
- Re: Teleworking teemu schaabl (Nov 17)
- <Possible follow-ups>
- RE: Teleworking Joshua Vince (Nov 10)
- RE: Teleworking Gunn, Jeff (Nov 10)
  - RE: Teleworking Charles Mitchell (Nov 13)
- RE: Teleworking Gunn, Jeff (Nov 13)
- Re: Teleworking Carl_Foote (Nov 16)
- Re: Teleworking David Lanagan (Nov 17)