Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: How secure is VPN access?

from [Jonathan Loh] Network Security [Permanent Link]
Subject: Re: How secure is VPN access?
Date: Wed, 17 Nov 2004 20:00:51 -0800 (PST) 
It is a valid concern, VPN only secures the connection so that others cannot
see what's going on in the VPN tunnel.  But no it does not provide any
filtering.  So yes, an unwary (or rogue) employee can upload other goodies. 
Many companies have policies mandating that home users install basic
security,(ie a firewall, and virus protection/scanner, etc...), agree not to
misuse the companies servers and sign an agreement saying as much before they
get VPN access. 
Corporate laptops, once they go home with the user should be treated the same
way.  Unless they have something like deep freeze on them. 
--- Cesar Diaz <cdiaz00@gmail.com> wrote:


List,

After years of having VPN access for our remote users without a single
know security incident, my boss and I have to justify to her boss why
VPN is secure.

The CIO wants us to only allow users to access the network from
company laptops, not from their own home computers.  We currently will
allow users to install the VPN client software on their home computers
to connect remotely, or they can use Citrix through SSL access to get
to network resources.  His concern is that if a users home PC is
compromised, that compromise can spread to our network.

Is this a legitimate concern?  Can anyone point me in the direction of
some documentation backing either argument?





                
__________________________________ 
Do you Yahoo!? 
Meet the all-new My Yahoo! - Try it today! 
http://my.yahoo.com
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Failed admin logins, Joe Quigley
Next by Date:  RE: radius+ wireless, Bowes, Ronald (EST)
Previous by Thread:  RE: How secure is VPN access?, Javier Otero De Alba
Next by Thread:  How secure is VPN access?, Hayden Searle
Indexes:  [Date] [Thread] [Top] [All Lists]