Educause Security Discussion mailing list archives
SSL VPN Question
From: Jay Graham <jwg+ () PITT EDU>
Date: Fri, 5 Mar 2010 16:47:29 -0500
Hi, We are using the Juniper (aka Netscreen aka Neoterisis) SSL VPN product. We recently made a security decision to remove the address bar from within the SSL VPN interface to limit the risk of this vulnerability. This has caused some people to complain since they used this address bar to directly proxy to various sites. We use the SSL VPN to allow web access to our library journals and now the users just can't copy and paste URLs of these journals in e-mail messages since the URL is different depending if you are on campus versus off campus. (i.e. through the VPN tunnel). What I was wondering was if other schools have done anything similar and how they are coping with the change? (i.e. Workarounds etc.) I understand the convenience of the address bar, but in this case, I think the risk outweighs it. Thanks, Jay Graham University of Pittsburgh ====================
Current thread:
- SSL VPN Question Jay Graham (Mar 05)
- <Possible follow-ups>
- Re: SSL VPN Question Kevin Wilcox (Mar 05)