Firewall @ remote location

Brad Kemp kemp at indusriver.com
Thu Oct 28 15:23:17 EDT 1999


A VPN extends the network perimeter.  Therefore you have to take
the same precautions on a client that you would on a corporate host
exposed to the internet.
A couple of recommendations:
Do not run unessecary services (web server, ftp server....) on the remote
host.
If the remote site's OS is NT, remove the WINS binding from the
DSL adapter. This will stop Microsoft SMB traffic from reaching your host.
Run Virus protection on the remote site religiously.

There are 'personal firewall' vendors out there that will sell you
a firewall that co-exists with your remote PC.
conceal http://www.candc1.com/conseal/
digital robotics http://www.digitalrobotics.com/fire.htm
and many others.  A web search on personal firewall should find most of them.
Brad

At 07:17 PM 10/26/99 -0400, Danilo Dessi wrote: 
>>>>
I am planning a "VPN" to connect a bank's head office with a small rep.
office.  My question regards firewalls.  Since there will only be one
computer at the rep office it is very hard to justify a firewall which can
cost more than the computer.  The rep office will have a DSL connection to
the Internet. I would like to know if there are other considerations other
than the fact that the line is always up why I should have a firewall at
the remote location.  In other words is there more risk (exposure to
hackers) at the rep office compared with a telecommuter who dials up from a
 remote connection and then hangs-up when he/she is finished working?  Can
a hacker actually gain access to the head office LAN by comprimising the
computer located at the rep. office?
  
Thank you to all replies,
  
Danilo  

<<<<


--- -- --
Brad Kemp
Indus River Networks, Inc.                   BradKemp at indusriver.com
31 Nagog Park						 978-266-8122
Acton, MA 01720                              fax 978-266-8111

****************************************************************
TO POST A MESSAGE on this list, send it to vpn at listserv.secnetgroup.com

The VPN FAQ (under construction) is available at
http://kubarb.phsx.ukans.edu/~tbird/vpn/FAQ.html

We are currently experiencing "unsubscribe" difficulties.  If you
wish to unsubscribe, please send a message containing the single line
"unsubscribe vpn your-e-mail-address" to owner-vpn at listserv.secnetgroup.com

****************************************************************




More information about the VPN mailing list