Re: How secure is VPN access?

From: Nathaniel Hall (halln_at_otc.edu)
Date: 11/18/04

  • Next message: John Madden: "USB Usage Policy" 
    Date: Wed, 17 Nov 2004 21:42:04 -0600
To: Cesar Diaz <cdiaz00@gmail.com>

    Normally, VPNs are very secure, however, I do have to agree with the CIO
    on this one. Unless the user can prove that they are taking all
    necessary security precautions, such as anti-virus and firewalls, and
    that they are remaining up to date, they should not have their own
    personal computers connected through a VPN. Company owned laptops could
    still pose a problem, but are less risk.

    The reason company owned laptops could still pose a problem is because
    of the large number of users who are using their own private networks
    and connecting the company laptop to their own network. Why does this
    pose a problem? If the home computer is infected with a virus that
    spreads via the network and the business laptop is not protected against
    the threat, the virus could spread to the laptop and then continue to
    the company network through the VPN. Yes, it is probably an unusual
    circumstance, but it is possible.

    Nathaniel Hall, GSEC
    Intrusion Detection and Firewall Technician
    Ozarks Technical Community College -- Office of Computer Networking

    halln@otc.edu
    417-447-7535

    Cesar Diaz wrote:

    >List,
    >
    >After years of having VPN access for our remote users without a single
    >know security incident, my boss and I have to justify to her boss why
    >VPN is secure.
    >
    >The CIO wants us to only allow users to access the network from
    >company laptops, not from their own home computers. We currently will
    >allow users to install the VPN client software on their home computers
    >to connect remotely, or they can use Citrix through SSL access to get
    >to network resources. His concern is that if a users home PC is
    >compromised, that compromise can spread to our network.
    >
    >Is this a legitimate concern? Can anyone point me in the direction of
    >some documentation backing either argument?
    >
    >Thanks in advance for any help.
    >
    >C
    >
    >

  • Next message: John Madden: "USB Usage Policy"

    Relevant Pages

    • Re: Secure workgroups!
      ... you're mixing threat models when you introduce theft of laptops. ... stolen set) then you aren't going to get very far into the wireless network. ... I try to avoid add-ons like VPN clients and such. ...
      (microsoft.public.security)
    • Re: How secure is VPN access?
      ... It depends on how well the company provided laptops are treated. ... > Do your users have access to network resources through the VPN? ... Trojans etc. to the network from the VPN. ... not from their own home computers. ...
      (Security-Basics)
    • RE: How secure is VPN access?
      ... Do your users have access to network resources through the VPN? ... Trojans etc. to the network from the VPN. ... No, you definitely should not let home computers access the VPN, you should ... compromise can spread to our network. ...
      (Security-Basics)
    • RE: How secure is VPN access?
      ... Asunto: RE: How secure is VPN access? ... Do your users have access to network resources through the VPN? ... No, you definitely should not let home computers access the VPN, you should ...
      (Security-Basics)
    • Re: VPN error 721 to Small Biz Server
      ... Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net ... Laptops running up to date ... > I have tried today to get 2 of them connecting to the network, ... I ran a winsock repair ...
      (microsoft.public.windowsxp.work_remotely)