Hello folks:
I am new on these forums. Our IT group recently started allowing us to connect to the enterprise network via VPN. However, I am a little concerned about the security associated with it. Do you guys have any thoughts on it?
Full Version: VPN question?
Heya MalRoyce
bear with me, cause I'm on a business trip and will be back on Monday to reply completely to your request. As a shot hint to calm you down: It might sound 'dangerous', but it isn't.
More about VPN security when I'm back, kay?
Greetz
Bubba
bear with me, cause I'm on a business trip and will be back on Monday to reply completely to your request. As a shot hint to calm you down: It might sound 'dangerous', but it isn't.
More about VPN security when I'm back, kay?
Greetz
Bubba
SSL VPN
An SSL VPN (Secure Sockets Layer virtual private network) is a form of VPN that can be used with a standard Web browser. In contrast to the traditional IPsec (Internet Protocol Security) VPN, an SSL VPN does not require the installation of specialized client software on end users' computers.
The SSL VPN can be a good choice for schools, libraries and public kiosks where trust can be an issue but easy access is also important. Applications include Web-based e-mail, business and government directories, databases for educational institutions, file sharing, remote backup, remote system management and consumer-level e-commerce.
SSL is a protocol for managing the security of message transmission on the Internet. SSL is included as part of both the Microsoft and Netscape browsers and most Web server products. It employs the public-and-private key encryption system from RSA. As TLS (Transport Layer Security), a refinement of SSL, replaces the earlier protocol, an SSL VPN is sometimes referred to as a TLS VPN.
Getting started with SSL VPN
http://searchsecurity.techtarget.com/sDefi...1201867,00.html
An SSL VPN (Secure Sockets Layer virtual private network) is a form of VPN that can be used with a standard Web browser. In contrast to the traditional IPsec (Internet Protocol Security) VPN, an SSL VPN does not require the installation of specialized client software on end users' computers.
The SSL VPN can be a good choice for schools, libraries and public kiosks where trust can be an issue but easy access is also important. Applications include Web-based e-mail, business and government directories, databases for educational institutions, file sharing, remote backup, remote system management and consumer-level e-commerce.
SSL is a protocol for managing the security of message transmission on the Internet. SSL is included as part of both the Microsoft and Netscape browsers and most Web server products. It employs the public-and-private key encryption system from RSA. As TLS (Transport Layer Security), a refinement of SSL, replaces the earlier protocol, an SSL VPN is sometimes referred to as a TLS VPN.
Getting started with SSL VPN
http://searchsecurity.techtarget.com/sDefi...1201867,00.html
Hunter:
Thanks for pointing me to those links and the explanation on the SSL VPN. As you can see I have been posting my query on several forums. I think I found something that is interesting and I would like to get your feedback on it as well if you know about it.
There is a product called Phonefactor for Remote Access VPN : Phonefactor for Remote Access VPN
It offers 2-factor authentication for the VPN process for added VPN security and calls a user to verify remote access. What are your thoughts?
Thanks,
Thanks for pointing me to those links and the explanation on the SSL VPN. As you can see I have been posting my query on several forums. I think I found something that is interesting and I would like to get your feedback on it as well if you know about it.
There is a product called Phonefactor for Remote Access VPN : Phonefactor for Remote Access VPN
It offers 2-factor authentication for the VPN process for added VPN security and calls a user to verify remote access. What are your thoughts?
Thanks,
It works for many..
http://it.toolbox.com/blogs/adventuresinse...our-phone-18884
Also look into those VPN's that use "port knocking" for an additional layer of Security.
http://it.toolbox.com/blogs/adventuresinse...our-phone-18884
Also look into those VPN's that use "port knocking" for an additional layer of Security.
Thanks Hunter!! I looked up Port Knocking on wikipedia and the subject is way over my head. However, the other article regarding 2-factor authentication by Phonefactor does make a lot of sense. I downloaded phonefactor yesterday from http://www.phonefactor.com/downloads . It was really easy to install. I setup my phone number and now whenever I log into my corporate network I get a automated call from phonefactor to check the authenticity. Free added 2-factor VPN security!!!
hi,
Actually i don't know much about vpn .You are using a VPN client that does not allow 'split-tunneling' and ALL your traffic is being forced over the tunnel to the remote network. This is done for security reasons.
Actually i don't know much about vpn .You are using a VPN client that does not allow 'split-tunneling' and ALL your traffic is being forced over the tunnel to the remote network. This is done for security reasons.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.