Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Level3 routing issues?

  • From: alex
  • Date: Mon Jan 27 15:28:44 2003

> On Mon Jan 27, 2003 at 03:03:09PM -0500, alex@yuriev.com wrote:
> > > Alex, although technically correct, its not practical.  How many end users
> > > vpn in from home from say a public ip on their dsl modem leaving
> > > themselves open to attack but now also having this connection back to the
> > > "Secure" inside network.  Has anyone heard of any confirmed cases of this
> > > yet?
> > So then they are using a wrong tool. Using a wrong security tool tends to
> > bite one in the <censored>.
> 
> So what's the right tool? Yes, dial or dsl directly into corporate network
> is my preferred option, but doesn't fit the corporate plan for the future.

Use a client that will push down corporate policy to the client.

> > Yes, I have seen attacks mounted via VPNs. Work like charm.
> 
> As I suspected, but I keep being told that these problems were in old style
> VPN clients, and stuff is much better these days. I remain unconvinced.

VPN client creates a fake IP interface. If that interface deos not get the
policy of a corporate network, you have an open enterance. Some of the
clients (such as the ones CheckPoint has) do that. Others dont.

Alex





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.