[prev in list] [next in list] [prev in thread] [next in thread]
List: vpn
Subject: RE: ipsec security and vpn stuff
From: "David Bovee" <dbovee () nw ! verio ! net>
Date: 1998-08-12 0:20:21
[Download RAW message or body]
This post has too many unrelated questions.
> heard in the list last about the ipsec etc and vpn. please explain the
> following staement.
>
> "the vpn server talks ipsec and need not necessarily be placed behind a
> firewall."
This question really isn't very detailed--what do you *NEED* to know?
If you are running an NT server with an IPSec stack (not saying that it
exists), would you trust it in front a firewall?
> another question:
> say two sites want a secured connectivity for data integrity, user
^^^^^
You have defined your answer before you asked your question. If both
complete *sites* want a VPN to each other and the sites are relatively large
in number (probably over 5 users each), it probably makes more sense to use
branch office VPN. However, there are downsides, perhaps user authentication
at Site A VPN server cannot be passed to a host on Site B, which could be
unacceptable.
> let us refer to the checkpoint firewall which has VPN capability
> implemented.
> so if we were to use the checkpoint at our end as a vpn server then at
> the
> other end another vpn server would be needed ?
My understanding is, you could use:
1) checkpoint clients on each client requiring VPN access
2) a checkpoint box at the remote site (probably best bet)
3) an interoperable VPN box at the remote site (probably a long shot at this
point)
--David Bovee, MCSE Verio Northwest
Security Engineer 15400 SE 30th Place, Suite 202
mailto:dbovee@nw.verio.net Bellevue, WA 98007
(425) 649-7466 USA
****************************************************************
TO POST A MESSAGE on this list, send it to vpn@listserv.iegroup.com
We are currently experiencing "unsubscribe" difficulties. If you
wish to unsubscribe, please send a message containing the single line
"unsubscribe vpn your-e-mail-address" to owner-vpn@listserv.iegroup.com
****************************************************************
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic