Firewall Wizards mailing list archives
RE: Opinions on VPN?
From: dreamwvr <dreamwvr () dreamwvr com>
Date: Sat, 24 Apr 1999 21:41:40 -0600
At 07:41 PM 4/23/99 -0700, David Bovee wrote:
I think another architecture which is fairly common is implementing a separate VPN box in parallel with a firewall. This presents the same
we are in agreement that the vpn should really be run in parallel..
security, or more, as the "kitchen sink" claim espoused below.
my kitchen sink comment were regarding not layering too many self defence tools all on one box:-) else we tend to trip over the defenses we rely upon..;-) the SEC industries need to roll all in one solutions is understandable but.. not really a good point of view from a security point of view IMHO.
Personally, I think FW+VPN is a great solution for a company whose performance and business requirements dictate these features with an accepted performance limit. The other thing that FW+VPN solves that many of the other solutions do not, is NAT and VPN protocol compatibility. Let me remind you that NAT and VPN are not very friendly when they're in the same ring...
.. true but is a swiss army knife always the right tool? somehow i doubt it. opsec compliant standards are beginning to make the go round so this should fill the gap. else use straight open standards to fill the bill.. or rather not fill bill;-) Regards, dreamwvr () dreamwvr com Reuters, London, February 29, 1998: Scientists have announced discovering a meteorite which will strike the earth in March, 2028. Millions of UNIX coders expressed relief for being spared the UNIX epoch "crisis" of 2038. _______________________________________________________________________ ********** DREAMWVR.COM - TOTAL INTERNET SERVICES ********** TOTAL DESIGN - DEVELOPMENT - INTEGRATION - SECURITY - Click Here.. <http://www.dreamwvr.com/services/MAX_SEC.html> DREAMWVR.COM - The Console of Many... 24 X 7 Evolution Internet <http://www.dreamwvr.com/dynamicduo.html> <mailto:dreamwvr () dreamwvr com> <*<*<* Proud Linux-Mandrake Distributor *>*>*> <http://www.dreamwvr.com/mandrake/mandrake-dist.html> "As Unique as the Company You Keep." "===0 PGP Key Available ________________________________________________________________________
Current thread:
- Re: Opinions on VPN?, (continued)
- Re: Opinions on VPN? Philip S Holt, Security Engineer / Network Engineer (Apr 21)
- RE: Opinions on VPN? John McDonald (Apr 20)
- RE: Opinions on VPN? dreamwvr (Apr 21)
- RE: Opinions on VPN? Andreas Gunnarsson (Apr 22)
- RE: Opinions on VPN? dreamwvr (Apr 21)
- RE: Opinions on VPN? Dendeni, Iyes (Apr 21)
- RE: Opinions on VPN? Litney, Tom (Apr 21)
- RE: Opinions on VPN? Russ (Apr 21)
- Re: Opinions on VPN? Rodney van den Oever (Apr 22)
- RE: Opinions on VPN? Russ (Apr 23)
- RE: Opinions on VPN? David Bovee (Apr 24)
- RE: Opinions on VPN? dreamwvr (Apr 25)
- RE: Opinions on VPN? David Bovee (Apr 24)
- Re: Opinions on VPN? Robert Graham (Apr 24)
- Re: Opinions on VPN? myles (Apr 29)
- Re: Opinions on VPN? Joseph S D Yao (Apr 29)
- Re: Opinions on VPN? myles (Apr 29)
- RE: Opinions on VPN? TC Wolsey (Apr 24)