Vpn Planning; Vpn Design Considerations - D-Link DFL-1600 User Manual
Network security firewall
Hide thumbs
Also See for DFL-1600:
- Quick manual (22 pages) ,
- User manual (552 pages) ,
- Log reference manual (476 pages)
Table of Contents
Advertisement
21.1
VPN Design Considerations
"A chain is never stronger than its weakest link".
An attacker wishing to make use of a VPN connection will typically not
attempt to crack the VPN encryption, since this requires enormous
amounts of computation and time. Rather, he/she will see VPN traffic as
an indication that there is something really soft and chewy on the other
end of the connection. Typically, mobile clients and branch offices are far
more attractive targets than the main corporate networks. Once inside
those, getting to the corporate network becomes a much easier task.
In designing a VPN, there are many non-obvious issues that need to be
addressed. This includes:
Protecting mobile and home computers.
Restricting access through the VPN to needed services only, since
mobile computers are vulnerable.
Creating DMZs for services that need to be shared with other
companies through VPNs.
Adapting VPN access policies for different groups of users.
Creating key distribution policies.
21
VPN Planning
207
Advertisement
Table of Contents
