Re: VPN without Firewall?!
From: Walter Roberson (roberson@ibd.nrc.ca)Date: 06/03/02
- Next message: Larry Herzog Jr.: "Re: Firewall security"
- Previous message: Derek Nash: "Re: can I use a PIX 515 to block URL's instead of using Websense?"
- In reply to: MaryAnne: "VPN without Firewall?!"
- Next in thread: Wolfgang Kueter: "Re: VPN without Firewall?!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: roberson@ibd.nrc.ca (Walter Roberson) Date: 3 Jun 2002 21:00:05 GMT
In article <3cfbd9f8_4@news1.prserv.net>,
MaryAnne <MaryAnne_2002@hotmail.com> wrote:
:The requirement:
:A remote office with 100 users needs to connect to the corporate network
:with minimal cost.
:The proposed solution:
:To reduce cost, it is proposed to install a VPN applicance without firewall
What is the cost to the company of having the connection exploited
even once? If it exceeds about $US1000 then economically you'd be
better off getting a firewall appliance that handles VPN.
IMHO, by the time you have 100 users at a connected site, that site needs
a firewall of its own -- unless perhaps the *only* connection to
the outside world (including modem connections!) is through the
main site AND the security needs of the remote site are -exactly- the
same as the security needs of the main site. Even then, the
onion containment principle would suggest that it would make sense to
protect the remote site separately, just to molify the damage should
someone break in to the main site.
- Next message: Larry Herzog Jr.: "Re: Firewall security"
- Previous message: Derek Nash: "Re: can I use a PIX 515 to block URL's instead of using Websense?"
- In reply to: MaryAnne: "VPN without Firewall?!"
- Next in thread: Wolfgang Kueter: "Re: VPN without Firewall?!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
