Firewall Wizards mailing list archives
Re: Opinions on VPN?
From: "Ryan Russell" <Ryan.Russell () sybase com>
Date: Sun, 18 Apr 1999 20:35:33 -0700
Just wanted to find out what other people opinion on 'VPN' as a general idea? IMHO, the person who came up with the VPN idea should be shot, because in most cased all VPN do is create entry points into your network (in most cased right past the firewall and some times in the hear of your network).
Depends... if you've outlawed remote-access entirely, then VPNs shouldn't be allowed either (remote-access VPNs, at least.) If you allow people to use modems to get into your network, then a VPN may be an improvement in security. Depends on whether you're more worried about people who can crack the phone company or frame carrier vs. people who can crack encryption or client machines on the Internet. Don't allow yourself to think the phone company or frame carrier is secure. WAN-replacement VPNs are an improvement over unencrypted WAN links. You don't have to trust your WAN provider anymore. The point of VPNs is to reduce costs, of course. The security administrator's job is to weigh the risk vs. costs. Hopefully, you can approach the best of both worlds.
They also give admins false sence of security: the data is encrypted. But if 'rm -rf /' or 'cp porn.html index.html' command -- so what?! That command (traffic) is still there!
Someone thinks that encrypting traffic removes one's ability to delete or copy files?
Am I alone in the opinion that VPN mostly suck or is it just because I tend to run into a lot of misconfigured cisco routers which do encrypt data, but also route packets from others into your net :(
There are risks with VPNs, as with any technology. I'll be saving about a million bucks this year with my VPN implementation. I wouldn't have been doing my job if I didn't weight that against my security risks. Ryan
Current thread:
- Opinions on VPN? Jan B. Koum (Apr 18)
- Re: Opinions on VPN? Frederick M Avolio (Apr 19)
- Re: Opinions on VPN? Andreas Gunnarsson (Apr 19)
- Re: Opinions on VPN? Jonathan Poole (Apr 20)
- Re: Opinions on VPN? Rick Smith (Apr 20)
- Message not available
- Re: Opinions on VPN? dreamwvr (Apr 20)
- <Possible follow-ups>
- Re: Opinions on VPN? Ryan Russell (Apr 19)
- Re: Opinions on VPN? Paul M. Cardon (Apr 20)
- RE: Opinions on VPN? Kyle Starkey (Apr 20)
- RE: Opinions on VPN? Litney, Tom (Apr 20)
- Re: Opinions on VPN? Philip S Holt, Security Engineer / Network Engineer (Apr 21)
- RE: Opinions on VPN? John McDonald (Apr 20)
- RE: Opinions on VPN? dreamwvr (Apr 21)
- RE: Opinions on VPN? Andreas Gunnarsson (Apr 22)
- RE: Opinions on VPN? dreamwvr (Apr 21)
- RE: Opinions on VPN? Dendeni, Iyes (Apr 21)
- RE: Opinions on VPN? Litney, Tom (Apr 21)
- RE: Opinions on VPN? Russ (Apr 21)