Firewall Wizards mailing list archives
RE: Opinions on VPN?
From: "Litney, Tom" <TLitney () caiso com>
Date: Mon, 19 Apr 1999 10:12:54 -0700
Assuming that this is not a troll, I would have to disagree. VPN's are just one of the tools in the security tool belt not the magic security silver bullet. VPN's as a concept do not "suck", in my opinion. Indeed, they perform a critical function in my overall security architecture. But you have to implement them with reason and understand the implications in employing them. VPN's have craved out a niche in the lower speed network links (up to about t3 speeds). They provide a method to encrypt traffic and conceal it from curious eyes. Several firewall implementation support point to point VPN tunnels to protect internet traffic. These tunnels terminate on the firewall and then may pass unencrypted traffic to the internal network. You may also choose to allow encrypted traffic to pass through your firewall based on a sufficient business case. In that case you are correct, it is hard to filter bad things out of traffic you can't read. Sorry guy, security is a myth that we perpetrate on our user community. There is no really security in a computer sense or in a personal sense. We all must be responsible for providing our own protection no matter what controls we feel are in place. Anyone who feels secure just because the employ VPN's or any other security controls will learn a hard lesson in the future. Just my thoughts. Tom Hi folks, Just wanted to find out what other people opinion on 'VPN' as a general idea? IMHO, the person who came up with the VPN idea should be shot, because in most cased all VPN do is create entry points into your network (in most cased right past the firewall and some times in the hear of your network). They also give admins false sence of security: the data is encrypted. But if 'rm -rf /' or 'cp porn.html index.html' command -- so what?! That command (traffic) is still there! Am I alone in the opinion that VPN mostly suck or is it just because I tend to run into a lot of misconfigured cisco routers which do encrypt data, but also route packets from others into your net :( -- Yan
Current thread:
- Opinions on VPN? Jan B. Koum (Apr 18)
- Re: Opinions on VPN? Frederick M Avolio (Apr 19)
- Re: Opinions on VPN? Andreas Gunnarsson (Apr 19)
- Re: Opinions on VPN? Jonathan Poole (Apr 20)
- Re: Opinions on VPN? Rick Smith (Apr 20)
- Message not available
- Re: Opinions on VPN? dreamwvr (Apr 20)
- <Possible follow-ups>
- Re: Opinions on VPN? Ryan Russell (Apr 19)
- Re: Opinions on VPN? Paul M. Cardon (Apr 20)
- RE: Opinions on VPN? Kyle Starkey (Apr 20)
- RE: Opinions on VPN? Litney, Tom (Apr 20)
- Re: Opinions on VPN? Philip S Holt, Security Engineer / Network Engineer (Apr 21)
- RE: Opinions on VPN? John McDonald (Apr 20)
- RE: Opinions on VPN? dreamwvr (Apr 21)
- RE: Opinions on VPN? Andreas Gunnarsson (Apr 22)
- RE: Opinions on VPN? dreamwvr (Apr 21)
- RE: Opinions on VPN? Dendeni, Iyes (Apr 21)
- RE: Opinions on VPN? Litney, Tom (Apr 21)
- RE: Opinions on VPN? Russ (Apr 21)
- Re: Opinions on VPN? Rodney van den Oever (Apr 22)
- RE: Opinions on VPN? Russ (Apr 23)
- RE: Opinions on VPN? David Bovee (Apr 24)