Secure setup for office

From: Matt Simonsen (matt_lists@careercast.com)
Date: 07/27/01

Previous message: Meritt James: "Re: Sircam"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Message-ID: <3B61A4DE.6060000@careercast.com>
Date: Fri, 27 Jul 2001 10:29:02 -0700
From: Matt Simonsen <matt_lists@careercast.com>
To: SECURITY-BASICS@securityfocus.com
Subject: Secure setup for office

Our main office currently has an OpenBSD firewall with no open ports
from the outside, aside from SSH further secured by TCP-Wrappers. I need
to propose a setup for a Microsoft Exchange server that will be
available from the "outside" yet be secure. I am thinking of forwarding
the VPN port(s?) to the Exchange server running MS VPN server (RAS? or
whatever they call it), then giving access to the server through the VPN
sessions. This really is only for a handful of people ... any thoughts
on how secure this would be? Suggestions? I have considered using a
hardware appliance like the Netopia routers that can do VPN instead of
doing this on the Exchange server, but I'm not sure it would be that
much better.

Thanks
Matt

Previous message: Meritt James: "Re: Sircam"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: VPN and Security
... Do you mean for a more secure setup he should split tunnel? ... the split tunneling makes me think 'less secure' precisely ... network printer or accessing a share on the file server at the office. ... Subject: VPN and Security ...
(Security-Basics)
Re: Another RWW versus VPN question
... Sarbanes Oxley and all other regulations are silent as to technology. ... One could argue that after the CISCO/Michael Lynn Blackhat/Vegas issue that Cisco isn't that secure. ... With VPN access, the data could be pulled over the wire to my home users, they "could" introduce more risk to my network if they are not patched, updates and protected. ... I have a client that recently had a programmer from a large security based company come by and demo the Access database he is working on for them. ...
(microsoft.public.windows.server.sbs)
Re: Another RWW versus VPN question
... And after Blackhat I wouldn't be trusting of Cisco PIX either. ... One could argue that after the CISCO/Michael Lynn Blackhat/Vegas issue that Cisco isn't that secure. ... With VPN access, the data could be pulled over the wire to my home users, they "could" introduce more risk to my network if they are not patched, updates and protected. ... I have a client that recently had a programmer from a large security based company come by and demo the Access database he is working on for them. ...
(microsoft.public.windows.server.sbs)
Re: Another RWW versus VPN question
... A Pix does not ...by itself make you more secure. ... VPN "can" make you more insecure. ... I have a client that recently had a programmer from a large security based ...
(microsoft.public.windows.server.sbs)
RE: Re: Secure Intranet?
... need to have a minimum level of security that is in line with your policies. ... Sygate has a product that does security policy enforcement for VPN called ... Sygate Secure Enterprise. ... Sygate Secure Enterprise Data Sheet ...
(Security-Basics)