Calin,
as Carlos sad, IPsec will be implemented in the next version of Solaris (v.8),
the agreement with SSH is to implement IKE with IPsec for the negotiation of
the keys.
SKIP is a very secure and strong solution for intranet/extranet connections,
especially if you have to make it pass through a firewall (SKIP is a standard
and RFC protocol). If you're interested SUN is going to launch (at the end
of May) a new product that could be the answer to all of your needs;
it's made for the extranet/internet, it allows secure (encrypted and
authenticated) communication between your LAN and the 'external users'. It
uses SSL as VPN tunnel and it is based on html so, you can open a secure
channel from wherever you are just using the Netscape browser.
I think you'll find all the information in a while by the time SUN will lauch
the product officially.
Hope this helps,
Cello
"Gomes, Carlos" wrote:
> I'd defer from using SKIP since I've heard rumors that Sun is looking for
> other server2server VPN solutions. In fact see
> http://www.ssh.fi/about/press/release04051999.html for an announcement made
> on May 3, '99 about Sun and SSH.
>
> ymmv [1],
> C.G.
>
> [1] http://www.netmeg.net/jargon/terms/y.html#ymmv
>
> --
> #include <std-disclaimer.cpp>
>
> > -----Original Message-----
> > From: Alex [mailto:[EMAIL PROTECTED]]
> > Sent: Sunday, May 09, 1999 11:51 AM
> > To: [EMAIL PROTECTED]
> > Cc: [EMAIL PROTECTED]
> > Subject: Re: [Q] Firewalls and LAN dialup access
> >
> >
> > You may want to take a look at SKIP. I believe that have
> > trial versions
> > available.
> > http://www.sun.com/security/overview.html
> >
> >
> > [EMAIL PROTECTED] wrote:
> >
> > > Does anybody have any experience or pointers on how
> > to provide
> > > security/protection for an Extranet type of info sharing among
> > > different companies, especially against possible internal individual
> > > LAN users who (unwillingly or not, including not knowing of IP
> > > forwarding being enabled ?!?) use dialup connections to the
> > Internet,
> > > or a common proxy/socks/direct LAN connection to the Internet, if
> > > each LAN "sits" behind a NAT router? I am also interested in
> > > pointers to policies spelled out for the member participating in the
> > > Extranet, including how-to on identifying such behavior ...
> > > TIA,
> > > Calin
> > > -
> > > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > > "unsubscribe firewalls" in the body of the message.]
> >
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
> >
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
