Dear List
I am currently trying to move an organization's current solution of VPN for
external contractors performing file transfer, to SecureFTP.
My belief has always been that SecureFTP is the appropriate solution for
secure file transfer and the aim should always be to avoid giving remote
access to internal networks [especially non-employee] where it is not
specifically required.
My question is are there any other issues that I should be aware of with
allowing SecureFTP/SSH through the firewall as one of the standard pushes
(read knee jerk reactions) against this appears to be that another port is
opened on the firewall?
1. I have worked in a lot of different organizations where VPN seems to be
the norm for everyone even where the only requirement is file transfer
2. My belief is that this is because the organization does not appreciate
the implications of allowing non-employees access to the internal network
and does not understand that SecureFTP is an appropriate solution
3. I understand that SSH is a great opportunity for tunneling attacks if an
exploit is discovered, but I feel that there is it possible to manage this
exposure through the existence of a DMZ based bastion host, rather than
providing external people with access to the VPN.
Comments appreciated.
Chris
_________________________________________________________________
It's fast, it's easy and it's free. Get MSN Messenger today!
http://www.msn.co.uk/messenger
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Aug 12 2004
Intro
