Group,
Which then I believe should obviously lead into the discussion- if VPN's
are today's PVC's then would it be appropriate to say that traffic
transported over the public internet with such a protocol as IPSec is just
as safe? and how do you know your enemies aren't working for that frame
provider -if they are using single DES they had better hope not. Are there
protocols now capable of providing enough security encryption for extremely
sensitive traffic to transit the public internet?
>>>Brian
>From: "Howard C. Berkowitz" <[EMAIL PROTECTED]>
>Reply-To: "Howard C. Berkowitz" <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: Re: Frame Relay Security
>Date: Sun, 7 Jan 2001 13:37:09 -0500
>
> >I understand most of the benefits of frame relay, but I am wondering if =
> >there are any security problems assoicated with this protocol? Is it =
> >secure enough for unencrypted transfer of financial or sensitive =
> >information? Any help understanding the security risks associated with =
> >frame relay appreciated.
> >
> >-- Kevin
>
>Is a dedicated line secure enough for unencrypted transfer of
>financial or sensitive information?
>
>Answer: It depends.
>
>People often assume that frame is somehow shared when "dedicated
>lines" are not. From Chapter 5 of my _WAN Survival Guide_,
>
> >All too many users have an intuitive belief that if they were to
> >pull on the London end of a London to New York circuit, wires would
> >wiggle in Manhattan. The reality, of course, is that any network of
> >complexity beyond a very simple LAN involves one or more layers of
> >virtualization onto real media. At the OSI lower layers,
> >virtualization usually involves multiplexing, but various name and
> >address mapping functions provide virtual structure as one moves up
> >the protocol stack.
>
>Typically, frame PVCs and T1's run over exactly the same media from
>the customer site to the telco end office. Once at the end office,
>they are multiplexed. T1 is far too slow for economical data
>transmission between modern telco offices. Both the T1 and the frame
>circuits typically will be multiplexed onto facilities at least at
>DS-3, and usually OC-12 to OC-192. So much beyond the local loop,
>there really isn't much difference between frame and dedicated.
>
>Interpretations in the US HIPAA legislation for medical data tend to
>allow unencrypted traffic to flow over dedicated and frame, but not
>the public Internet. The Federal Reserve, however, tends to want
>end-to-end encryption regardless of the media, historically single
>DES. Military traffic would be bulk encrypted and possibly
>end-to-end encrypted as well.
>
>_________________________________
>FAQ, list archives, and subscription info:
>http://www.groupstudy.com/list/cisco.html
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
