Re: 3DES [7:34756]
The paranoid among us can think of other industries where industrial espionage might play a part. Insurance, medical, any industry where there are proprietary processes in place. Imagine if people had been able to hack Enron :- Chuck Joel Satterley wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Here, here, as long as you re-key every so often, who's going to bother ?? Daniel Cotts wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... My opinion is that nobody is going to try to intercept and decrypt your traffic unless you deal in very large amounts of money. DES will keep the curious at bay. It is less processor intensive. -Original Message- From: Brian Zeitz [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 07, 2002 9:46 AM To: [EMAIL PROTECTED] Subject: 3DES [7:34756] I have been looking at routers/firewalls. I am thinking of going with the 2611 with a ADSL card, I also want to get a 515. Our office is not that big yet, but I want to plan for the future. I see that the Pix 515R only does DES, but doesn't do 3DES. But when I buy the router, I can get it with 3DES. I am just kinda confused, where is the best place to use 3DES, on the firewall, or on the router? Or it doesn't matter. The way I see it, if I wanted to do 3DES on the firewall with the 515, I would have to buy the 515UR, which is about 10K. I don't really need the thoughput for 100,000 users just yet though. Any suggestions on this? Thanks in advance... Brian Zee MCSE, CCNA, A+ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34853t=34756 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 3DES [7:34756]
I heard it put very well, and wish I could attribute it but I don't recall the source: To paraphrase, it goes something like this: Think of what it is your company makes, does or sells ... or is planning on doing so in the future. ... and how it makes it and/or does it, how much it costs to do so, etc. ... and who it sells it to ... and for how much .. and where this money goes Think of what differentiates you from your competitors .. quality, quantity, unique products/information/processes, etc. Now think of what would happen to your company if your competition knew all of this. Granted - you can argue that this oversimplifies things a little bit, but it makes a point that will readily hit home with management if nothing else! Thanks! TJ ... just because you are paranoid doesn't mean they aren't out to get you. -Original Message- From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] Sent: Friday, February 08, 2002 11:07 AM To: [EMAIL PROTECTED] Subject:Re: 3DES [7:34756] The paranoid among us can think of other industries where industrial espionage might play a part. Insurance, medical, any industry where there are proprietary processes in place. Imagine if people had been able to hack Enron :- Chuck Joel Satterley wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Here, here, as long as you re-key every so often, who's going to bother ?? Daniel Cotts wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... My opinion is that nobody is going to try to intercept and decrypt your traffic unless you deal in very large amounts of money. DES will keep the curious at bay. It is less processor intensive. -Original Message- From: Brian Zeitz [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 07, 2002 9:46 AM To: [EMAIL PROTECTED] Subject: 3DES [7:34756] I have been looking at routers/firewalls. I am thinking of going with the 2611 with a ADSL card, I also want to get a 515. Our office is not that big yet, but I want to plan for the future. I see that the Pix 515R only does DES, but doesn't do 3DES. But when I buy the router, I can get it with 3DES. I am just kinda confused, where is the best place to use 3DES, on the firewall, or on the router? Or it doesn't matter. The way I see it, if I wanted to do 3DES on the firewall with the 515, I would have to buy the 515UR, which is about 10K. I don't really need the thoughput for 100,000 users just yet though. Any suggestions on this? Thanks in advance... Brian Zee MCSE, CCNA, A+ * The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this email are subject to the terms and conditions expressed in the governing KPMG client engagement letter. * Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34854t=34756 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 3DES [7:34756]
A couple of questions regarding the original post and then some comments:
It was unclear to me from the original post why you need the DES/3DES. Are
you running end user VPN clients? Router-router tunnels? You need to
consider the purpose of the encryption and the information it's intended to
guard before deciding on the level. I've got some clients (law enforcement
agencies, brokerage firms, etc.) where I don't take any comfort from
3DES. On the other hand, I've got some small business clients that use
encryption for interoffice links that transfer non-sensitive/low sensitive
information. For these guys, DES is plenty.
Craig
At 11:06 AM 2/8/2002 -0500, you wrote:
The paranoid among us can think of other industries where industrial
espionage might play a part. Insurance, medical, any industry where there
are proprietary processes in place.
Imagine if people had been able to hack Enron :-
Chuck
Joel Satterley wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Here, here, as long as you re-key every so often, who's going to bother
??
Daniel Cotts wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
My opinion is that nobody is going to try to intercept and decrypt your
traffic unless you deal in very large amounts of money. DES will keep
the
curious at bay. It is less processor intensive.
-Original Message-
From: Brian Zeitz [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 07, 2002 9:46 AM
To: [EMAIL PROTECTED]
Subject: 3DES [7:34756]
I have been looking at routers/firewalls. I am thinking of going with
the 2611 with a ADSL card, I also want to get a 515. Our office is
not
that big yet, but I want to plan for the future. I see that
the Pix 515R
only does DES, but doesn't do 3DES. But when I buy the
router, I can get
it with 3DES. I am just kinda confused, where is the best place to
use
3DES, on the firewall, or on the router? Or it doesn't
matter. The way I
see it, if I wanted to do 3DES on the firewall with the 515, I would
have to buy the 515UR, which is about 10K. I don't really need the
thoughput for 100,000 users just yet though. Any suggestions on this?
Thanks in advance...
Brian Zee MCSE, CCNA, A+
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=34860t=34756
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 3DES [7:34756]
We deal with interfacing Alarm systems, both fire and security. 3Des would be needed so someone would have a hard time tripping alarms via the internet. I don't want to get out of bed at 3am, along with a lot of other people, fire, police, owners etc. Also we are writing Code, which programmers spend hours/days/weeks on. And we are getting patents, and writing code for the hardware. I think security is going to be much more important as time goes on. I am the extreme paranoid type, so I would rather take the safe route every time. I think if Enron had some hackers, and they deleted some data, it would only be doing them a favor at this point. -Original Message- From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] Sent: Friday, February 08, 2002 11:07 AM To: [EMAIL PROTECTED] Subject: Re: 3DES [7:34756] The paranoid among us can think of other industries where industrial espionage might play a part. Insurance, medical, any industry where there are proprietary processes in place. Imagine if people had been able to hack Enron :- Chuck Joel Satterley wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Here, here, as long as you re-key every so often, who's going to bother ?? Daniel Cotts wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... My opinion is that nobody is going to try to intercept and decrypt your traffic unless you deal in very large amounts of money. DES will keep the curious at bay. It is less processor intensive. -Original Message- From: Brian Zeitz [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 07, 2002 9:46 AM To: [EMAIL PROTECTED] Subject: 3DES [7:34756] I have been looking at routers/firewalls. I am thinking of going with the 2611 with a ADSL card, I also want to get a 515. Our office is not that big yet, but I want to plan for the future. I see that the Pix 515R only does DES, but doesn't do 3DES. But when I buy the router, I can get it with 3DES. I am just kinda confused, where is the best place to use 3DES, on the firewall, or on the router? Or it doesn't matter. The way I see it, if I wanted to do 3DES on the firewall with the 515, I would have to buy the 515UR, which is about 10K. I don't really need the thoughput for 100,000 users just yet though. Any suggestions on this? Thanks in advance... Brian Zee MCSE, CCNA, A+ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34861t=34756 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 3DES [7:34756] AES? [7:34863]
Any idea when they might add the successor to 3DES (AES)? (I've seen the Jan 2001 position paper at http://www.cisco.com/warp/public/cc/pd/hb/vp3000/prodlit/vpnpo_sd.htm -- just wondering if anyone knew more re timelines [assuming such can be shared, if it exists].) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, February 08, 2002 11:07 AM To: [EMAIL PROTECTED] Subject: Re: 3DES [7:34756] The paranoid among us can think of other industries where industrial espionage might play a part. Insurance, medical, any industry where there are proprietary processes in place. Imagine if people had been able to hack Enron :- Chuck Joel Satterley wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Here, here, as long as you re-key every so often, who's going to bother ?? Daniel Cotts wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... My opinion is that nobody is going to try to intercept and decrypt your traffic unless you deal in very large amounts of money. DES will keep the curious at bay. It is less processor intensive. -Original Message- From: Brian Zeitz [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 07, 2002 9:46 AM To: [EMAIL PROTECTED] Subject: 3DES [7:34756] I have been looking at routers/firewalls. I am thinking of going with the 2611 with a ADSL card, I also want to get a 515. Our office is not that big yet, but I want to plan for the future. I see that the Pix 515R only does DES, but doesn't do 3DES. But when I buy the router, I can get it with 3DES. I am just kinda confused, where is the best place to use 3DES, on the firewall, or on the router? Or it doesn't matter. The way I see it, if I wanted to do 3DES on the firewall with the 515, I would have to buy the 515UR, which is about 10K. I don't really need the thoughput for 100,000 users just yet though. Any suggestions on this? Thanks in advance... Brian Zee MCSE, CCNA, A+ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34863t=34863 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 3DES [7:34756] AES? [7:34863]
FIPS197 was declared as the new AES in November, 2001. The standard will be in effect in May, 2002. When do we see it in actual products... not too sure. http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34865t=34863 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 3DES [7:34756] AES? [7:34756]
The Rijndael block cipher. Colin Glenn Johnson wrote: Any idea when they might add the successor to 3DES (AES)? (I've seen the Jan 2001 position paper at http://www.cisco.com/warp/public/cc/pd/hb/vp3000/prodlit/vpnpo_sd.htm -- just wondering if anyone knew more re timelines [assuming such can be shared, if it exists].) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, February 08, 2002 11:07 AM To: [EMAIL PROTECTED] Subject: Re: 3DES [7:34756] The paranoid among us can think of other industries where industrial espionage might play a part. Insurance, medical, any industry where there are proprietary processes in place. Imagine if people had been able to hack Enron :- Chuck Joel Satterley wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Here, here, as long as you re-key every so often, who's going to bother ?? Daniel Cotts wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... My opinion is that nobody is going to try to intercept and decrypt your traffic unless you deal in very large amounts of money. DES will keep the curious at bay. It is less processor intensive. -Original Message- From: Brian Zeitz [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 07, 2002 9:46 AM To: [EMAIL PROTECTED] Subject: 3DES [7:34756] I have been looking at routers/firewalls. I am thinking of going with the 2611 with a ADSL card, I also want to get a 515. Our office is not that big yet, but I want to plan for the future. I see that the Pix 515R only does DES, but doesn't do 3DES. But when I buy the router, I can get it with 3DES. I am just kinda confused, where is the best place to use 3DES, on the firewall, or on the router? Or it doesn't matter. The way I see it, if I wanted to do 3DES on the firewall with the 515, I would have to buy the 515UR, which is about 10K. I don't really need the thoughput for 100,000 users just yet though. Any suggestions on this? Thanks in advance... Brian Zee MCSE, CCNA, A+ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34872t=34756 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 3DES [7:34756] AES? [7:34756]
I'm not sure when Cisco will incorporate AES, but it is already used in SSH2 and other products (can't think of any others of the top of my head). In fact, my company incorporates in AES into a client-server solution we offer. I've only read and heard good things about AES. - Sean -Original Message- From: Alex Lei [mailto:[EMAIL PROTECTED]] Sent: Friday, February 08, 2002 9:50 AM To: [EMAIL PROTECTED] Subject: RE: 3DES [7:34756] AES? [7:34863] FIPS197 was declared as the new AES in November, 2001. The standard will be in effect in May, 2002. When do we see it in actual products... not too sure. http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34882t=34756 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
3DES [7:34756]
I have been looking at routers/firewalls. I am thinking of going with the 2611 with a ADSL card, I also want to get a 515. Our office is not that big yet, but I want to plan for the future. I see that the Pix 515R only does DES, but doesn't do 3DES. But when I buy the router, I can get it with 3DES. I am just kinda confused, where is the best place to use 3DES, on the firewall, or on the router? Or it doesn't matter. The way I see it, if I wanted to do 3DES on the firewall with the 515, I would have to buy the 515UR, which is about 10K. I don't really need the thoughput for 100,000 users just yet though. Any suggestions on this? Thanks in advance... Brian Zee MCSE, CCNA, A+ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34756t=34756 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 3DES [7:34756]
My opinion is that nobody is going to try to intercept and decrypt your traffic unless you deal in very large amounts of money. DES will keep the curious at bay. It is less processor intensive. -Original Message- From: Brian Zeitz [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 07, 2002 9:46 AM To: [EMAIL PROTECTED] Subject: 3DES [7:34756] I have been looking at routers/firewalls. I am thinking of going with the 2611 with a ADSL card, I also want to get a 515. Our office is not that big yet, but I want to plan for the future. I see that the Pix 515R only does DES, but doesn't do 3DES. But when I buy the router, I can get it with 3DES. I am just kinda confused, where is the best place to use 3DES, on the firewall, or on the router? Or it doesn't matter. The way I see it, if I wanted to do 3DES on the firewall with the 515, I would have to buy the 515UR, which is about 10K. I don't really need the thoughput for 100,000 users just yet though. Any suggestions on this? Thanks in advance... Brian Zee MCSE, CCNA, A+ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34763t=34756 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 3DES [7:34756]
Here, here, as long as you re-key every so often, who's going to bother ?? Daniel Cotts wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... My opinion is that nobody is going to try to intercept and decrypt your traffic unless you deal in very large amounts of money. DES will keep the curious at bay. It is less processor intensive. -Original Message- From: Brian Zeitz [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 07, 2002 9:46 AM To: [EMAIL PROTECTED] Subject: 3DES [7:34756] I have been looking at routers/firewalls. I am thinking of going with the 2611 with a ADSL card, I also want to get a 515. Our office is not that big yet, but I want to plan for the future. I see that the Pix 515R only does DES, but doesn't do 3DES. But when I buy the router, I can get it with 3DES. I am just kinda confused, where is the best place to use 3DES, on the firewall, or on the router? Or it doesn't matter. The way I see it, if I wanted to do 3DES on the firewall with the 515, I would have to buy the 515UR, which is about 10K. I don't really need the thoughput for 100,000 users just yet though. Any suggestions on this? Thanks in advance... Brian Zee MCSE, CCNA, A+ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34765t=34756 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
