[fw-wiz] VPN for *DSL/CableModem Users

Tina Bird tbird at PRECISION-GUESSWORK.COM
Fri Aug 18 19:05:56 EDT 2000


Michael -- I'm forwarding your message to the VPN mailing
list, which has rather a lot of opinions about this...

cheers -- tbird

On Thu, 17 Aug 2000, Michael C. Ibarra wrote:

> Date: Thu, 17 Aug 2000 17:14:30 -0400
> From: Michael C. Ibarra <ibarra at hawk.com>
> To: firewall-wizards at nfr.net
> Subject: [fw-wiz] VPN for *DSL/CableModem Users
>
> Hello:
>
>  I've been asked to perform the horrible task of allowing
>  in remote/home internet connections into a corporate LAN.
>  The firewall/s in question are a FW-1 and IPFilter (separate
>  machines) combo. The pipe decided upon was either DSL or
>  cable modems, based of course on availibilty. The present
>  method is an isdn/SecureID/dialback method. The present
>  corporate policy allows no inbound traffic from the inter-
>  net and allows a limited outbound connections, mainly http.
>  My feeling is that users, unable to reach their AOL/Napster/
>  whatever type of services could place a modem into these home
>  PC's, corporate owned but that doesn't matter, making that
>  box an insecure gateway or transfer point for a virus to the
>  corporate network. VPN's IMO would do little to protect a
>  machine which has a greater chance of becoming compromised,
>  besides breaking corporate security policy since all non-VPN
>  connections would probably allow those same services not
>  normally allowed in the office. My question, and thank you
>  for reading this far, is what VPN software and/or hardware
>  is recommended and what can be done to enforce the present
>  corporate policy (aside from asking users to sign an agreement).
>
> Thank you all,
>
> -mike
>
>
> 	
> 	  The information contained in this message
> 	   is not necessarily the opinion of Hawk
> 	           Technologies, Inc.
>
>
> _______________________________________________
> Firewall-wizards mailing list
> Firewall-wizards at nfr.net
> http://www.nfr.net/mailman/listinfo/firewall-wizards
>

VPN:  http://kubarb.phsx.ukans.edu/~tbird/vpn.html
life: http://kubarb.phsx.ukans.edu/~tbird
work: http://www.counterpane.com

VPN is sponsored by SecurityFocus.COM




More information about the VPN mailing list