Re: Aside from Firewall ..

[Tina Bird <tbird () secnetgroup com>]

The security features of virtual private networks and digital certificates
are really different.  Digital certificates provide a mechanism for 
verifying the identity of a user on your extranet, and can be used to 
guarantee the integrity of their network connection.  But they don't
protect the confidentiality of the data on your extranet.

VPNs may use digital certs as part of their authentication and 
authorization systems, but they usually provide additional benefits.
Most commercial VPNs provide encryption, which protects the
confidentiality of your extranet data.  In addition, if you have multiple
machines or networks in use on your extranet, the routing and traffic
management features of VPNs may simplify keeping you and your business
partners connected.

It really depends on the nature of the extranet itself.  If the data
on that network is proprietary, and you want to limit it to authorized
users, I'd recommend using a VPN with digital certs or some other sort
of authentication system.

Hope that helps -- Tina Bird

On Wed, 7 Jul 1999, C. K. Lung wrote:

> Date: Wed, 7 Jul 1999 23:44:13 -0400
> From: "C. K. Lung" <clung () hotmail com>
> To: Firewall-Wizards <firewall-wizards () nfr net>
> Subject: Aside from Firewall ..
>
> A customer has an Extranet for its business partners, suppliers and
> customers.  He has already had Checkpoint Firewall-1 in place.  We are
> debating whether Digital Certificate or VPN to be used.
>
> Could members of this list shed their views on it?  Any input are greatly
> appreciated.
>
> Thanks and regards,
>
> C.K.
>
> P.S. Are there other lists discussing extranet security?  Any pointers are
> greatly appreciated.