Firewall Wizards mailing list archives

Re: VPN for *DSL/CableModem Users


From: "Chuck Fasching" <cfasching () compures com>
Date: Fri, 18 Aug 2000 11:26:14 -0500


If you are just placing a client piece on the End User machine, you could
use Check Point's VPN-1 Secure client, which, when connected to the
Corporate VPN, can control end user connections (Allow All, Deny Incoming,
Deny Outgoing, or only allow Encrypted).  You could also futz around with
"personal" firewalls.

Chuck "Spence" Fasching
Security Architect
cfasching () compures com
Computech Resources, Inc
(952)833-0930 xt35




"Michael C. Ibarra" <ibarra () hawk com>
Sent by: firewall-wizards-admin () nfr net
08/17/2000 04:14 PM

To: <firewall-wizards () nfr net>
cc:
Subject: [fw-wiz] VPN for *DSL/CableModem Users



Hello:

 I've been asked to perform the horrible task of allowing
 in remote/home internet connections into a corporate LAN.
 The firewall/s in question are a FW-1 and IPFilter (separate
 machines) combo. The pipe decided upon was either DSL or
 cable modems, based of course on availability. The present
 method is an isdn/SecurID/dialback method. The present
 corporate policy allows no inbound traffic from the internet
 and allows limited outbound connections, mainly http.
 My feeling is that users, unable to reach their AOL/Napster/
 whatever type of services could place a modem into these home
 PC's, corporate owned but that doesn't matter, making that
 box an insecure gateway or transfer point for a virus to the
 corporate network. VPN's IMO would do little to protect a
 machine which has a greater chance of becoming compromised,
 besides breaking corporate security policy since all non-VPN
 connections would probably allow those same services not
 normally allowed in the office. My question, and thank you
 for reading this far, is what VPN software and/or hardware
 is recommended and what can be done to enforce the present
 corporate policy (aside from asking users to sign an agreement).

Thank you all,

-mike



             The information contained in this message
              is not necessarily the opinion of Hawk
                      Technologies, Inc.


_______________________________________________
Firewall-wizards mailing list
Firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards
