Digital DSNlink Service secure?

["Barnes, Jay" <JBarnes () limited com>]

[long time lurker, first time poster :) ]
Anyone know of any vulnerabilities in Digital's DSNlink Service?
(http://www.service.digital.com/dsnlink/V22_vms_std.htm)
The usual searches didn't turn up much so I thought I'd ask here.

Part of it's functionality requires configuring the firewall (Cisco PIX) to
allow an inbound connection to a specific tcp port.  I can nail up a static
translation address on the PIX for the Alpha Cluster and set a rule to only
allow the inbound connection if it's from a specific source address.  I know
that's not totally secure (spoofing, man-in-the-middle, etc.) but we would
still be protected from the usual port scans.

The simple network layout is:
[Alpha Cluster]--[private network]--[firewall]--[public
internet]--[host.digital.com]

The Alpha is running OpenVMS 7.1-1H1 and I'm not sure about the client-side
DSNlink software. (I'm still fishing for information from the sysadmins and
Digital)

I think I'm aware of the pitfalls of configuring the firewall for this, but
aside from that I'm wondering if anyone has any information about this
specific application.  Or maybe you could take a look at the link above and
tell me if anything leaps out at you.
TIA,
Jay Barnes
Señor Network Analyst / EOC Network Services
The Limited Inc.
Three Limited Pkwy Columbus, Ohio 43230
614-415-7777
jbarnes () limited com