Firewall Wizards mailing list archives

RE: Opinions on VPN?


From: Russ () cooper com
Date: Tue, 20 Apr 1999 17:02:25 -0700

The Cisco firewalls don't run the full firewall products.  In Checkpoint,
for example, it has a ported version of the firewall module and doesn't
support the full featureset.  If it did, it would slow the product down.
Since the product is good at packet inspection, that is what it focuses on.
It can't do all the application layer inspection.  It does have its
shortfalls.
 

-----Original Message-----
From: John McDonald [mailto:Johnm () Networkguys com]
Sent: Monday, April 19, 1999 8:09 AM
To: Jan B. Koum 
Cc: firewall-wizards () nfr net
Subject: RE: Opinions on VPN?



Cisco routers are a joke when it comes to security and encrypting data.
We've run multiple security audits on all of Cisco's "security" equipment
with the same results. Penetration or unauthorized privileges in under 15
minutes. It's marketing hype. Real VPNs are engineered by companies such as
TimeStep, VPNet, RADGuard, and Check Point. These products DO NOT ALLOW
ACCESS to the hardware itself. This is the major downfall of the Cisco
products. They are meant to be routers and NOT VPNs or Firewalls.


John D. McDonald 

Phone: 510.713.8880 ext. 306 
Fax:      510.713.3456 
E-mail: JohnM () NetworkGuys com 
Web:    www.NetworkGuys.com 

Secure Enterprise Connectivity 
Managed Security        Managed Firewall 
Anti-Virus-Vandal       Firewalls 
Security Audits         VPN 
Digital Certificates    Security Systems 
24x7 Network Monitoring/Hacker intrusion 


-----Original Message----- 
From:   Jan B. Koum  [mailto:jkb () best com] 
Sent:   Saturday, April 17, 1999 6:26 PM 
To:     firewall-wizards () nfr net 
Subject:        Opinions on VPN? 



Hi folks, 

Just wanted to find out what other people's opinion on 'VPN' as a 
general idea? IMHO, the person who came up with the VPN idea should be 
shot, because in most cases all VPNs do is create entry points into your 
network (in most cases right past the firewall and sometimes in the 
heart of your network). They also give admins a false sense of security: 
the data is encrypted. But if 'rm -rf /' or 'cp porn.html index.html' 
command -- so what?! That command (traffic) is still there! 

Am I alone in the opinion that VPNs mostly suck or is it just 
because I tend to run into a lot of misconfigured cisco routers which 
do encrypt data, but also route packets from others into your net :( 

        -- Yan 


