RE: VPN and Security

There are also technologies like Cisco NAC (among others) that can check and
enforce endpoint compliance with you standards (patch levels, antivirus,
etc.). That should help on the user side if you can't force them to use a
company configured and maintained PC from outside the office.

-Mike

-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx
[mailto:listbounce@xxxxxxxxxxxxxxxxx] On Behalf Of Murda Mcloud
Sent: Monday, June 18, 2007 9:00 PM
To: 'Sohail Sarwar'; 'Scott Ramsdell'; 'WALI';
security-basics@xxxxxxxxxxxxxxxxx
Subject: RE: VPN and Security

VPN is as secure as how well it is implemented and used.
Also, the various encryption algorithms used determine how
secure it is. Like everything, it is as strong as the weakest
link and usually in this scenario that means the home user or
their PC.

You're right about the two factor authentication. What were
you thinking of using-smart cards or similar?

Giving home users the list of things they must have in
place(AV for example) is a good idea. Will you allow them to
split tunnel from their home connections or will they have to
come through the VPN connection to be able to browse so that
they can still go through your firewall/proxy etc?
Second option is safer but prob slower. And how would you
control them when they're not on a VPN?
Depending on how far you want to go, you could specify that
they only use their laptop for the VPN and have no split and
then they can use their home pc for their own use.



-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx
[mailto:listbounce@xxxxxxxxxxxxxxxxx] On Behalf Of Sohail Sarwar
Sent: Monday, June 18, 2007 11:08 PM
To: Scott Ramsdell; WALI; security-basics@xxxxxxxxxxxxxxxxx
Subject: VPN and Security

Hi there,

I just wanted to put this out there. How secure is VPN.
Meaning, if my users take home the client and install it on
their desktop at home, and connect to the corporate network
and production network, wheat are we really looking at. Are
they secure or not.

Two factor authentication would only help the
authentication purpose and to protect the user name and password ?

How about restricting them to access, and how about
worrying about their home computer that can be effected.

Has anyone been through this. Any one give home users
a list of requirements that they must have before vpn can be
offered to them ?

Should there be some type of desktop policy installed
on their home computer, just to protect the company network ?
Any help and guidance would be great

Regards,
Sohail



Relevant Pages

  • RE: [Full-Disclosure] CISCO Vpn
    ... Citrix Secure gateway.. ... >>I have been asked what the PROs and CONs of setting up a vpn would be. ... > the inside of the network between your Cisco VPN device and the internal ... Also consider that a home system will ...
    (Full-Disclosure)
  • Re: Problem w/symantec firewall & SSH Tunnel
    ... VPN stands for virtual private network. ... computers and it's just as secure. ...
    (comp.security.ssh)
  • RE: VPN and Security
    ... Do you mean for a more secure setup he should split tunnel? ... the split tunneling makes me think 'less secure' precisely ... network printer or accessing a share on the file server at the office. ... Subject: VPN and Security ...
    (Security-Basics)
  • Re: RWW revisited
    ... RDP doesn't expose the target network to the client unless you ... maniuplating the remote via the images. ... done from an untrusted client (neither should VPN). ... >> You wanted to know how secure RWW was and I'm comparing to a VPN ...
    (microsoft.public.windows.server.sbs)
  • Re: Having both SSL -AND- VPN...
    ... On the one hand, SSL is quite secure, as are most popular VPN ... said that a network is too secure. ...
    (comp.security.firewalls)