Security Basics mailing list archives

RE: How secure is VPN access?

From: "Javier Otero De Alba" <jotero () smartekh com>
Date: Thu, 18 Nov 2004 15:11:47 -0600

For movile users you can use products like Juniper Secure Access, you can control aplications, ports, IPs that they can 
use, have a checker for valid Av, personal FW, apliccation and MD5 of this, diferent autentication methods, roles.
Some hospital use for the doctors and HIPA.
You can use with cirix, netilla or MS terminal access.

Ing. Fco. Javier Otero De Alba
Diplomado en Seguridad Informática ITESM CEM 
ITStrap
Product Manager 

5243-4782 al 84 Ext.300
México, D.F. 



-----Mensaje original-----
De: dave kleiman [mailto:dave () isecureu com]
Enviado el: Miércoles, 17 de Noviembre de 2004 11:12 p.m.
Para: 'Cesar Diaz'; security-basics () securityfocus com
Asunto: RE: How secure is VPN access?


Cesar,

Would allow a user to bring their home computer to the office, and just hand
them an IP and allow them full network access?

Do your users have access to network resources through the VPN?

They can spread viruses, Trojans etc. to the network from the VPN.

No, you definitely should not let home computers access the VPN, you should
have complete control of the systems that do access via VPN and keep them
up-to-date, etc.

Citrix is a different story, as long as you restrict drive and port
redirection, it can be a "better-controlled" situation.


______________________________________
Dave Kleiman, CISSP, CISM, CIFI, MCSE
www.SecurityBreachResponse.com



 

-----Original Message-----
From: Cesar Diaz [mailto:cdiaz00 () gmail com] 
Sent: Wednesday, November 17, 2004 11:39
To: security-basics () securityfocus com
Subject: How secure is VPN access?

List,

After years of having VPN access for our remote users without a single know
security incident, my boss and I have to justify to her boss why VPN is
secure.

The CIO wants us to only allow users to access the network from company
laptops, not from their own home computers.  We currently will allow users
to install the VPN client software on their home computers to connect
remotely, or they can use Citrix through SSL access to get to network
resources.  His concern is that if a users home PC is compromised, that
compromise can spread to our network.

Is this a legitimate concern?  Can anyone point me in the direction of some
documentation backing either argument?

Thanks in advance for any help.

C

Current thread:

How secure is VPN access? Cesar Diaz (Nov 17)
- RE: How secure is VPN access? dave kleiman (Nov 18)
  - Re: How secure is VPN access? Jimi Thompson (Nov 19)
  - Re: How secure is VPN access? GuidoZ (Nov 19)
- RE: How secure is VPN access? David Gillett (Nov 18)
- Re: How secure is VPN access? Nathaniel Hall (Nov 19)
- <Possible follow-ups>
- RE: How secure is VPN access? Alsobrook, Taylor (C.) (Nov 18)
- RE: How secure is VPN access? Matvei Kliuchnikov (Nov 18)
  - Re: How secure is VPN access? K. K. Mookhey (Nov 22)
- RE: How secure is VPN access? Javier Otero De Alba (Nov 18)
- Re: How secure is VPN access? Jonathan Loh (Nov 19)
- How secure is VPN access? Hayden Searle (Nov 19)
- FW: How secure is VPN access? Stephane Auger (Nov 19)