Risks associated to branch office IPSec devices

From: Rodrigo Blanco (rodrigo.blanco.r@gmail.com)
Date: Tue Jun 21 2005 - 16:00:38 EDT


Hello list,

I have just come across a doubt about branch office VPN devices.
Normally, they are used so that a branch office's network - typically
with a private addressing scheme - can securely connect to the
headquarters' central network.

Such VPN devices normally do not include a firewall, so I was
wondering if this really represents a risk:

Yes - it is a risk if the VPN device just acts as a router (no ACLs)
and is attached to the Internet.
No - because the addressing scheme behind it is private, hence
non-routable, hence unreachable across the Internet (internet routers
would drop packets with such destinations?)

The only real risk I see is if the VPN device is cracked, and from
there the security of the whole network (both branch office and
headquarters) is exposed. Am I right?

Any ideas would be more than welcome. Thanks in advance for your
advice and best regards,

Rodrigo.


