[VPN] Application timeouts over VPN...HELP!

[Alex Pankratov]

safieradam wrote:
> The 65 seconds in your original method is one thing. Keeping the session 
> up and idle for hours is a big difference.  I would whip out the "New" 
> security policy and point out to the developers that leaving sessions 
> open for hours is bad security and not allowed.  

Adam,

can you explain why *exactly* it's a "bad security" ? Especially given
that the TCP connection in question is IPsec'ed in first place.

[snip]

> Adam Safier 

[snip]