Network Security Firewalls

RE: VPN and Firewall

Subject: RE: VPN and Firewall
Date: Fri, 11 Mar 2005 08:34:48 +1100
Hey Serg,

Depending on the grunt of the box, I'd recommend that you deploy the VPN
option on the firewall. Depending on what solution you're using, it
gives you a single point of access control for all traffic (including
your VPN traffic). That is, VPN access can be terminated on the firewall
and security policy can be enforced by the firewall. By deploying a
separate VPN server, you need to configure security policy for another
point in your network, potentially adding to complication and
administration cost. It also means that you have to manage another
server.

Just my thoughts.

Regards,

Jason Ha [CISSP, CCSE, JNCIS-FWV]
Senior Security Engineer,
Security Operations Centre
VeriSign Australia

-----Original Message-----
From: sergb@tpg.com.au [mailto:sergb@tpg.com.au] 
Sent: Thursday, 10 March 2005 10:34 AM
To: firewalls@securityfocus.com
Subject: VPN and Firewall

Hi All, 

I am running a Linux-based firewall and now need to deploy a VPN.
Because the firewall runs on a Linux box, I can install all network security
software on that box (within reason, of course), so my question is: 

Would it be better to install a VPN solution on the firewall box itself
or on a physically different machine and why? 

    Thanks,
        Serg 

