Firewall Wizards mailing list archives
Re: VPN for *DSL/CableModem Users
From: "Ray Hooker" <ray.hooker () attglobal net>
Date: Fri, 18 Aug 2000 12:14:27 -0400
VPN software is only going to protect the sessions and the data being transmitted. With DSL or a Cable modem, you have a fixed IP address which can be attacked. Your choices are to trying to individually play with the bindings and services of each workstation tighten the security or to have them purchase a personal firewall product. I would believe that a personal firewall product would be more appropriate for corporate deployment. Some users may want to install a Linux server with IP firewalling, but I don't think that you will be able to tunnel the VPN sessions through the Linux system... and besides that is beyond most user's skill. The other things that you need to consider is: - Make certain that you develop a security standards/policy and configuration guide for these remote users. - Select a VPN product that supports the SecureID. FW-1 is okay but you may want to consider separate product (e.g., IRE) if the numbers are very high. - Implement some sort of intrusion detection product such as RealSecure to monitor potential intrustion. - Make certain that you regularly scan your setup for security holes. Ray Hooker
.............VPN's IMO would do little to protect a machine which has a greater chance of becoming compromised, besides breaking corporate security policy since all non-VPN connections would probably allow those same services not normally allowed in the office. My question, and thank you for reading this far, is what VPN software and/or hardware is recommended and what can be done to enforce the present corporate policy (aside from asking users to sign an agreement). Thank you all, -mike
_______________________________________________ Firewall-wizards mailing list Firewall-wizards () nfr net http://www.nfr.net/mailman/listinfo/firewall-wizards
Current thread:
- VPN for *DSL/CableModem Users Michael C. Ibarra (Aug 18)
- Re: VPN for *DSL/CableModem Users Ray Hooker (Aug 19)
- <Possible follow-ups>
- RE: VPN for *DSL/CableModem Users Irwin Lazar (Aug 19)
- RE: VPN for *DSL/CableModem Users Starkey, Kyle (Aug 19)
- RE: VPN for *DSL/CableModem Users John Adams (Aug 20)
- RE: VPN for *DSL/CableModem Users Robert Purdy (Aug 21)
- RE: VPN for *DSL/CableModem Users sean . kelly (Aug 19)
- Re: VPN for *DSL/CableModem Users Chuck Fasching (Aug 19)
- Re: VPN for *DSL/CableModem Users Andrew J Bernoth/Boulder/IBM (Aug 19)
- Re: VPN for *DSL/CableModem Users Michael C. Ibarra (Aug 19)
- RE: VPN for *DSL/CableModem Users Jensen, Greg (Aug 20)
- Re: VPN for *DSL/CableModem Users amanda (Aug 20)
(Thread continues...)