The Tls Alternative For Vpn - D-Link DFL-1660 User Manual
Network security firewall
Hide thumbs
Also See for DFL-1660:
- User manual (483 pages) ,
- Installation manual (45 pages) ,
- Reference manual (948 pages)
Table of Contents
Advertisement
9.1.5. The TLS Alternative for VPN
It is probably better using more keys than is necessary today since it will be easier to adjust
access per user (group) in the future.
•
Should the keys be changed? If they are changed, how often? In cases where keys are shared by
multiple users, consider using overlapping schemes, so that the old keys work for a short period
of time when new keys have been issued.
•
What happens when an employee in possession of a key leaves the company? If several users are
using the same key, it should be changed.
•
In cases where the key is not directly programmed into a network unit, such as a VPN firewall,
how should the key be stored? On a floppy? As a pass phrase to memorize? On a smart card? If
it is a physical token, how should it be handled?
9.1.5. The TLS Alternative for VPN
If secure access by clients to web servers using HTTP is the scenario under consideration, then
using a NetDefend Firewall for TLS termination can offer an alternative "lightweight" VPN
approach that is quickly and easily implemented. This topic is described further in Section 6.2.10,
"The TLS ALG".
418
Chapter 9. VPN
- Quick Links:
- The Cli
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
