RE: VPN implementation

["Henderson, George" <George_Henderson () csx com>]

We use AltaVista VPN as a VPN solution.  It supports both NT and UNIX OS.
The product itself works very well and provides good performance.  
Since it can reside on a UNIX plateform, it can be very secure.   The UNIX
version supports up to 2000 simultanous connections.   The only drawback can
be that it can sometimes be a pain to install on the client PC.  On that
note,
the AltaVista VPN software can run on win 95, 98, and NT plateforms.   I
would
recommend this software highly.

Geo
-----Original Message-----
From: Crispin Cowan [mailto:crispin () cse ogi edu]
Sent: Saturday, November 07, 1998 4:36 PM
To: Dennis Nwaigbo
Cc: firewall-wizards () nfr net
Subject: Re: VPN implementation


Dennis Nwaigbo wrote:

> Hello gangs,
>  I am building a VPN solution for our company.  What I am trying to do is
> build a VPN through the internet so that my users can have a secure data
> access at the corporate headquarters through the corporate WAN.  The
> environment is purely NT shop. The intent is to use native PPTP for
> connectivity.
>
> My questions are as follows:
> *       I intend to use the native PPTP for connectivity.  What are the
ups
> and downs of this protocol for this solution?
> *       What are the security ramifications for using PPTP instead of
IPSec?

Bruce Schneier has an excellent analysis of the security of PPTP here:
http://www.counterpane.com/pptp.html
Basically, it's dreadful.  From reading Schneier's analysis of PPTP, I would
use something else.

Crispin
-----
 Crispin Cowan, Research Assistant Professor of Computer Science, OGI
    NEW:  Protect Your Linux Host with StackGuard'd Programs  :FREE
       http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/

                 Support Justice:  Boycott Windows 98