Firewall Wizards mailing list archives
Re: Placement of a VPN Appliance
From: Jeffery.Gieser () minnesotamutual com
Date: Fri, 5 Jan 2001 14:31:14 -0600
Ron, #I get confused at this point. as long as the VPN traffic is allowed into #your network, no matter the endpoint, in front of or behind the FW, of the #device, are you not at the same risk? If the VPN's internal NIC is on your internal network as soon as you can compromise the VPN then you can do anything you want on the internal network. If the VPN's internal NIC is on a dmz of the firewall as soon as you compromise the VPN then you can do anything that the firewall allows you to do on the internal network. The difference is in what the firewall allows you to do. This is where you have to be careful and make sure you don't turn your firewall into swiss cheese by allowing everything in. This is also why I prefer to allow employees directly into the internal network and 3rd parties into a dmz. The access a 3rd party gets is a lot more limited than the access an employee gets. Regards, Jeffery Gieser _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Placement of a VPN Appliance, (continued)
- Re: Placement of a VPN Appliance Bill_Royds (Jan 04)
- RE: Placement of a VPN Appliance Stewart, John (Jan 04)
- RE: Placement of a VPN Appliance Bob . Eichler (Jan 04)
- RE: Placement of a VPN Appliance Jeffery . Gieser (Jan 04)
- RE: Placement of a VPN Appliance Ben Nagy (Jan 04)
- RE: Placement of a VPN Appliance Ben Nagy (Jan 04)
- Re: Placement of a VPN Appliance dharris (Jan 04)
- Re: Placement of a VPN Appliance R. DuFresne (Jan 05)
- Re: Placement of a VPN Appliance JB (Jan 08)
- Re: Placement of a VPN Appliance R. DuFresne (Jan 05)
- RE: Placement of a VPN Appliance David Bovee (Jan 05)
- Re: Placement of a VPN Appliance Jeffery . Gieser (Jan 05)
- Re: Placement of a VPN Appliance dharris (Jan 05)