VPN Endpoint security

Jon Carnes jonc at HAHT.COM
Mon Mar 26 18:05:50 EST 2001


----- Original Message -----
From: "Byron Kennedy" <byron at markettools.com>
Sent: Monday, March 26, 2001 5:34 PM
Subject: RE: VPN Endpoint security


> Complexity is my fear as well.  I was hoping that there was a central
> administration side for the Zonealarm product so we could install and then
> configure remotely.  perhaps in the pro version?  I've only used the
> freeware package and can't imagine asking an exec to configure it ;).
> Humm.....
>
> We're currently using the linksys routers for some folks (mostly
development
> and IT staff... i have one myself), but have taken sort of a hands off
> approach, and realize that this is not the best idea. Are you remotely
> administering the routers, providing a setup guide for them, or do you
just
> use the linksys docs? I do like the additional security features of the
> software over NAT, but realize also they've got to be able to use whatever
> we go with.
>
> thx! Byron
>

The amount of pre-setup on our end is determined by the situation and the
user.  We have a varied lot of expertise at our company.  For Dev and
support people we generally just hand them the router in the shrink wrap.
For the rest we pre-configure the router (if necessary).  Configuration is
only really necessary when connecting to DSL via PPoE (and some of the other
more bizarre protocols).  In any of these cases, stepping the users through
a Zone Alarm config would have been very tedious

I just preconfigured one for a new office in California.  I ordered their
service and setup the PPoE, so it was easy to setup the router before
shipping it out.  In this case, I also pre wired it and labeled the wires in
very plain english:
  - LAN slot of Alcatel 1000 (DSL modem)
  - Slot 1  Netgear Hub
It will probably still take me an hour by phone by coax the admin there to
plug it in.

Our time in configuring a Linksys Router is generally about 10 minutes.
Walking the user through the install via the phone is usually about the
same, 10 minutes - and there are rarely any surprises.

The most common problem we encounter is that some Broadband ISP's have
terrible DNS service, so we ask folks to use our corp. DNS servers as their
permanently configured primary and secondary.

Hope this helps,

Jon Carnes

VPN is sponsored by SecurityFocus.COM




More information about the VPN mailing list