Question (fwd)
Tina Bird
tbird at secnetgroup.com
Tue Jun 8 15:01:13 EDT 1999
>Also, RedCreek has been using the term "Secure VPN" to distinguish between
>the misuses of "VPN" and what constitutes IPSec VPNs.
>
>Eric Henriksen
I've listened to the "what's a VPN" fray for as long as I can handle...
my only quibble with Eric, here, is that IPSec based VPNs do not typically
perform strong >>user<< authentication, which is slightly different from
certificate-based >host< authentication.
Most of my corporate customers are using VPN for remote access, and
want the reassurance of a token-based user authentication system
IN ADDITION TO the protection offered by certs or PKI. So when >I<
say "secure VPN," I mean:
encryption
user >and< host authentication
packet integrity protection
NAT or other mechanisms to hide my internal network
When I last evaluated the subscription VPN services (which was,
admittedly, quite some time ago -- I've got this ridiculous
prejudice against outsourcing my perimeter security), none of them
came anywhere close to offering this level of protection.
Also please note that the FAQ addresses this issue:
http://kubarb.phsx.ukans.edu/~tbird/FAQ.html#Q3:
****************************************************************
TO POST A MESSAGE on this list, send it to vpn at listserv.secnetgroup.com
The VPN FAQ (under construction) is available at
http://kubarb.phsx.ukans.edu/~tbird/FAQ.html
We are currently experiencing "unsubscribe" difficulties. If you
wish to unsubscribe, please send a message containing the single line
"unsubscribe vpn your-e-mail-address" to owner-vpn at listserv.secnetgroup.com
****************************************************************
More information about the VPN
mailing list