Re: CISCO Vpn

[Ron DuFresne <dufresne () winternet com>]

On Wed, 23 Jun 2004, Patrick Olsen wrote:

> I have been asked what the PROs and CONs of setting up a vpn would be. Im
> trying to find security pros and cons. Basically to find out if it is worth
> the risk. This individual would be using a desktop at home which we would be
> setting up for her.

The main problem with a vpn tunnel for workers from home is keeping them
from messing with the system and changing the defaults estblished, and
making sure the security policy on the machine remain as hig as the policy
for the corp network.  Things like having the AV sigs up to date, no split
tunneling such that the user can irc while tunneled back into work, etc.
The main risk is in providing nothing more then a secure tunel for all the
home users nasties to travel back into the corp network.  It's estimated
that at least 75% of vpn's in place for this kind of use are nothing more
then that.

Thanks,

Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html