Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Rhinorhino on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

security concerns over VPN 1

Status
Not open for further replies.
gensan

gensan

MIS
Joined
Feb 21, 2001
Messages
142
Location
SG
I'm about to start a VPN implementation to remote sites. Can anybody please give me an idea on what are the security issues I should be looking into.


Thanks
 
Sort by date Sort by votes
The VPN technology itself is very good.

You should mostly be concerned with weak passwords, and passwords falling into the wrong hands.

Chip H.
 
Upvote 0 Downvote
If I worried about anything, it would be the clients that will be connecting to my VPN. You absolutely do NOT want your employees using their own home computers to connect to your VPN, because you cannot control the security of their systems.

If an attacker can gain control of the client computer, then you may as well turn off your VPN because it provides absolutely no security. Once they get control of that system, then they can get both the private key and the passphrase.

We have a policy that no personal computers are used to access our network ever, even from home. That way we can control what applications are in use on every computer connected to our network. Plus, then you have fewer intellectual property issues, as you own the computer on which the work was performed.

pansophic
 
Upvote 0 Downvote
Panasophic,

Stringent policy that.

Have you a policy on WiFi? It seems to me that 802.11b could poke a big hole in perimeter defenses.



 
Upvote 0 Downvote
Yeah,

we have been working the wireless access out. Right now, we turn off SSID broadcast and do MAC level authorization and then VPN those clients in (they need the VPN anyway to get in from outside). We put the WiFi network outside our firewall and then tunnel the clients in.

We've been looking at some other devices like InterJak to see if they provide the level of protection that we need to move the APs inside the security perimeter.


pansophic
 
Upvote 0 Downvote
Pansophic,

Nicely! I want to work at your joint (big grin).

J
 
Upvote 0 Downvote
Appreciate your comments and suggestions. But can anybody tell me what software/hardware are required? Pls stay on the basics. Or, can anybody point me to a link where I can download reference materials.

Thanks to all
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ISDPCMAN
  • Locked
  • Question Question
RDP fails over VPN
Replies
1
Views
534
gkittelson
gkittelson
intel233
  • Locked
  • Question Question
Cisco ASA - VPN Question
Replies
6
Views
1K
intel233
intel233
Shmid
  • Locked
  • Question Question
Restricting Sonicwall SSL-VPN users for WAN access
Replies
7
Views
1K
Shmid
Shmid
WhosYourDiffie
  • Locked
  • Question Question
Cisco ASA 5506 VPN for Avaya Phones
Replies
0
Views
427
WhosYourDiffie
WhosYourDiffie
ITSUPPORTIT
  • Locked
  • Question Question
VPN from ASA 5510 and RV215W problem
Replies
0
Views
332
ITSUPPORTIT
ITSUPPORTIT

Part and Inventory Search

Sponsor

Back
Top