On Wed, 19 Apr 2000, Geoff Gates wrote:
> Paul,
>
> This is definitely true. Usually VPNs are used to allow remote access on
> nodes which are not necessarily under the same scope of control. There is
> no way to ensure the security of the remote node, but the idea is that the
> remote user is to be trusted with the information he is able to access.
> True, if it is a laptop, information that is downloaded is subject to the
> physical security of the laptop itself (being stolen for instance), but if
> you are allowing VPN access to remote users you should NEVER allow
> information that is truly sensitive to be downloaded. VPNs are good to
> maintain electronic connectivity with email, and general file sharing
> access. There are many instances where a VPN is simply replacing dial-up or
> dedicated circuits. In many of these instances the other party is in
> control of connected hosts.
Data theft risks are much less significant to me than access tunneling
risks. I've seen several compromised hosts where compromise has been made
*months* prior to discovery by a third party, not even the party
responsible for the host. Add in malicious code and COM over HTTP and
things get really ugly really quickly.
> Even with the ANX, there is some degree of uncertainty. If a trading
> partner with ANX access uses a laptop to access data across the ANX, it is
> just as easy for him to take it offsite and the information be compromised.
> Even worse yet, the ANX allows for dual-homed hosts, where a box might be
> able to access both networks (the Internet and ANX); if there is a
> misconfiguration or misuse the information could be commingled. The ANX
> doesn't really control the trading partner or his network, and the ISP
> providing ANX access can only make suggestions as to how to configure the
> trading partner's network. I believe the ANXO and ISP's involvement ends at
> the last IPSEC connection to the trading partner.
Yep, my point is that ANX is being heralded as the poster child of VPN
access when there are a significant number of non-normal steps being taken
to secure ANX, the first of which is that it's not Internet connected.
My gaming of most proposed VPN deployments indicates that to do it
correctly you must spend a significant amount of money on
compartmentalization, monitoring, trending, etc. I can make that ROI
disappear pretty quickly over the term of the project.
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
[EMAIL PROTECTED] which may have no basis whatsoever in fact."
PSB#9280