Internet Edge Design: SSL VPN Placement?
This is another question that arose today. Where do you want place your VPN gateway (SSL or other VPN concentrators) in you internet edge for the network? Should they be placed next to firewalls on the edge, routers, or behind the firewall?
In my opinion, VPN concentrators should be behind a firewall with OOB - Out of Band Management - capabilities, especially if it's a SSL or Web VPN device. Because, HTTP/HTTPs are proned to web based attacks like ssl stripping and SSL VPN has two parts (Web Server and VPN Server).
However, I would like to know what others have to say about it in the community and if there is a better approach.
Please feel free to leave you suggestions and thoughts in the comment section.
Thanks
Popular Posts
-
VMware vSphere or VI3 doesn't provide a native way to run scheduled snapshot reports. However, having a daily snapshot report can be very u...
-
Setting up Windows 2008 NFS (Network File Storage) to be used with ESX 4.0 was fun. We discovered many new things about NFS and came across ...
-
Here is a quick fact checklist and usage guidelines from our experience of implementing new Windows 2008 RADIUS server called NPS which is p...
5 comments:
I have to agree on you with this one as it will be much more secure for sure.
usa vpn
We share the same thoughts as I think also it's safer that way.
usa vpn
I have to agree with Quintin. Thank you very much.
virtual office
I have to say that's just pretty much it on VPN.
VPN connections are one of the best especially when you have a base T connection. Thanks for sharing this short and good post.
Web Hosting UK
Post a Comment