>I understand most of the benefits of frame relay, but I am wondering if =
>there are any security problems assoicated with this protocol? Is it =
>secure enough for unencrypted transfer of financial or sensitive =
>information? Any help understanding the security risks associated with =
>frame relay appreciated.
>
>-- Kevin
Is a dedicated line secure enough for unencrypted transfer of
financial or sensitive information?
Answer: It depends.
People often assume that frame is somehow shared when "dedicated
lines" are not. From Chapter 5 of my _WAN Survival Guide_,
>All too many users have an intuitive belief that if they were to
>pull on the London end of a London to New York circuit, wires would
>wiggle in Manhattan. The reality, of course, is that any network of
>complexity beyond a very simple LAN involves one or more layers of
>virtualization onto real media. At the OSI lower layers,
>virtualization usually involves multiplexing, but various name and
>address mapping functions provide virtual structure as one moves up
>the protocol stack.
Typically, frame PVCs and T1's run over exactly the same media from
the customer site to the telco end office. Once at the end office,
they are multiplexed. T1 is far too slow for economical data
transmission between modern telco offices. Both the T1 and the frame
circuits typically will be multiplexed onto facilities at least at
DS-3, and usually OC-12 to OC-192. So much beyond the local loop,
there really isn't much difference between frame and dedicated.
Interpretations in the US HIPAA legislation for medical data tend to
allow unencrypted traffic to flow over dedicated and frame, but not
the public Internet. The Federal Reserve, however, tends to want
end-to-end encryption regardless of the media, historically single
DES. Military traffic would be bulk encrypted and possibly
end-to-end encrypted as well.
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
