Re: SSL vs IPSec VPNs

[Gregory Baker <travelingregbaker () yahoo com>]

Sorry for the tardy reply to this thread. We're using a mix of both at the moment. ipsec for site to site and SSL on a 
seperate vlan for mobile warriors. 

--- On Tue, 10/19/10, Michael Douglas <mick () pauldotcom com> wrote:

> From: Michael Douglas <mick () pauldotcom com>
> Subject: [Pauldotcom] SSL vs IPSec VPNs
> To: pauldotcom () pdc-mail pauldotcom com
> Date: Tuesday, October 19, 2010, 9:41 AM
> Hey all,
>
> I'm trying to determine what protocols should be permitted
> on a new
> VPN concentrator.
>
> I'd like to stick with IPSec, it's tried and true, and to
> quote Garth:
> "We fear change".  However, it seems that all the
> vendors are going
> down the SSL route.  Now I know SSL is 'safe', but it
> seems like it's
> more open to attacks like SSLStrip (thanks again Moxie for
> making us
> aware of the problems!)  I get that SSL is easier for
> administrators
> and end users alike, but is that convenience at too high a
> cost?
>
> So what are your thoughts?  Am I being too
> paranoid?  If there are
> articles or places where I should RTFM, that's cool... I
> just need to
> know what FM to read!!  Please send the
> links/info  ;-)
>
>
> Thanks for your input, and have a nice day!
> - Mick
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom () mail pauldotcom com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com