According to Paul D. Robertson:
>
>The basic problem with VLANs is that they're trust extenstion products,
>not security products, and anytime you extend trust, you open yourself up
>to misuse of that trust relationship. VPNs rely on one thing to function
>properly- that's the integrity of the encryption boundry at each endpoint.
>
Uh-oh, I think you are mixing the concepts of VLAN and VPN and you, in
the very least, confused me. I believe what you are talking about is
problems with a _VPN_ - to me a VLAN is 802.3q lan tagging that is
used on some switches to control traffic.
I suspect you need to do a "sed 's/VLAN/VPN/'" on your message. If
that is correct then I agree with what you are saying. VPN's present
a big risk to the security perimeter for the very reasons that you
have stated.
--
===============================================================================
Brett Lymn, Computer Systems Administrator, BAE SYSTEMS
===============================================================================
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
