Educause Security Discussion mailing list archives

Re: Persistence IPSEC tunnel with Vendor


From: "Barton, Robert W." <bartonrt () LEWISU EDU>
Date: Mon, 4 Apr 2016 13:05:02 +0000

Morning,

I have done this before.
- We did not allow access to or send them DNS information.
- We firewalled the connection.
- We limited the connection speed.
- They had to sign/follow OUR agreements on disclosure/NDA, password policy, and AUP.
- We used NATting to hide the internal and external IPs.

Robert W. Barton
Director of Information Security
Lewis University
One University Parkway
Romeoville, IL  60446-2200
815-836-5663


-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Yost, Davis
Sent: Sunday, April 03, 2016 6:41 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Persistence IPSEC tunnel with Vendor

Has anyone been asked to set up an IPSEC VPN tunnel with a vendor?  I have been asked to offer this service to a vendor 
and I'm currently denying this request.  I would like to hear from other Security professionals to see if I'm being too 
strict.  They are requesting a tunnel to our network and connecting to a SQL database which currently is a server on 
our Administrative network.

If you have allowed this type of connection, do you have any security agreements that you require them to sign prior to 
making the connection?



Thank you,
Davis

Davis Yost,  CISSO
Associate Director, Security and Networks
yost () northwood edu

989.837.4185 office
989.837.4184 fax
Developing Leaders of a Global Free-Enterprise Society


