Question (fwd)

Tina Bird tbird at secnetgroup.com
Tue Jun 8 15:01:13 EDT 1999


>Also, RedCreek has been using the term "Secure VPN" to distinguish between
>the misuses of "VPN" and what constitutes IPSec VPNs.
>
>Eric Henriksen

I've listened to the "what's a VPN" fray for as long as I can handle...

my only quibble with Eric, here, is that IPSec based VPNs do not typically
perform strong >>user<< authentication, which is slightly different from
certificate-based >host< authentication.

Most of my corporate customers are using VPN for remote access, and
want the reassurance of a token-based user authentication system 
IN ADDITION TO the protection offered by certs or PKI.  So when >I<
say "secure VPN," I mean:
	
	encryption
	user >and< host authentication
	packet integrity protection
	NAT or other mechanisms to hide my internal network

When I last evaluated the subscription VPN services (which was,
admittedly, quite some time ago -- I've got this ridiculous 
prejudice against outsourcing my perimeter security), none of them
came anywhere close to offering this level of protection.

Also please note that the FAQ addresses this issue:

http://kubarb.phsx.ukans.edu/~tbird/FAQ.html#Q3:

****************************************************************
TO POST A MESSAGE on this list, send it to vpn at listserv.secnetgroup.com

The VPN FAQ (under construction) is available at
http://kubarb.phsx.ukans.edu/~tbird/FAQ.html

We are currently experiencing "unsubscribe" difficulties.  If you
wish to unsubscribe, please send a message containing the single line
"unsubscribe vpn your-e-mail-address" to owner-vpn at listserv.secnetgroup.com

****************************************************************




More information about the VPN mailing list