-
May 30th, 2007, 01:16 PM
#1
Member
OpenVPN
Hi,
Anyone heard of this software? I know its open source but how secure is it? Is there not something else I can use instead?
I need to make sure that when users make VPN connections into a client network that its secure and there are NO loopholes
Thanks ...again.
B
.....I rather not say....
-
May 30th, 2007, 01:27 PM
#2
Originally Posted by bradlesliect
Hi,
Anyone heard of this software? I know its open source but how secure is it? Is there not something else I can use instead?
I need to make sure that when users make VPN connections into a client network that its secure and there are NO loopholes
Thanks ...again.
B
Notwithstanding that there are no guarantees in life...
You need to do a risk assesment for your needs.
What is the nature of the network you are trying to protect.
Is it a bank, military base or a school club?
If you need 100% security, should you be allowing any external connections - Remeber, what happens if someone has thier laptop stolen that has the connection software and keys on it.
I know of corportae users of OpenVPN that make good use of it without incident, but unless you understand your own security needs then this question can't be answered here.
Steve
IT, e-commerce, Retail, Programme & Project Management, EPoS, Supply Chain and Logistic Services. Yorkshire. http://www.bigi.uk.com
-
May 30th, 2007, 01:45 PM
#3
Member
This is for a financial institution. I have been asked to take a look at the way ppl access the network from both inside and out.
OpenVPN is the client used to access the co resources from outside. Where the VPN connection is made to I am not sure yet ie. PIX firewall, Router, Windows Server.
I would like for them to use something more secure other than this if it poses a problem.
.....I rather not say....
-
May 30th, 2007, 03:28 PM
#4
I really think you should consider securing things on both ends of the VPN and using several layers of securty
If you want some semblence of security with remote users
Users should run on limited accounts from machines that are secure, maybe even using a hardware VPN solution...point to point...each user has a vpn router on thier end.
Guess it depends on budget...how many users and what type of acctivity and transactions they will be doing.
My brother works for a bank here in canada...I believe he as 4 passwords just to connect...and depending on the transaction...has to enter up at least 7....3 more after connection.......all different.
They also use a hardware key generator where the main access code changes every 30 seconds or so.
This was a few years ago....the machine also dialed direct into the bank..not sure what system they use now....but gives you an idea the how complex it can be.
All comes down to budget and what you are doing.
Personally....I wouldnt use open source....unless you have the resources to continue to develop and support your OWN version
just MHO
MLF
How people treat you is their karma- how you react is yours-Wayne Dyer
-
May 30th, 2007, 04:11 PM
#5
If you are a financial institution and I were in your shoes I would consider getting an external security agency to perfom a security audit on yourselves and then get them to recommend an appropriate solution for your needs.
You should invite a few companies to come and pitch and ensure senior management are involved in the selection process of the company, as well as the discussions about the security audit and the selection of the appropriate product for your needs,
If you don't do this and something goes wrong I suspect that you will open your company to a charge of negligence and yourself to disciplinary action.
Just my 2c
Steve
IT, e-commerce, Retail, Programme & Project Management, EPoS, Supply Chain and Logistic Services. Yorkshire. http://www.bigi.uk.com
-
May 30th, 2007, 04:27 PM
#6
How's the VPN protected? Passwords? Certificates? Both? What's being used to setup the VPN? SSL? IPSec? Remember VPN isn't a protocol, it's a topology.
OpenVPN is quite good. I doubt you'll find something that's more secure.
On a related note, if you don't know what OpenVPN is then I'm not sure you're the right person to test it's security.
Oliver's Law:
Experience is something you don't get until just after you need it.
-
July 10th, 2007, 10:07 PM
#7
Junior Member
OPenvpn is a great solution that many many many companies use for a free software solution to vpn needs. It is very secure, encapsulates all protocols, is opensource and runs on broadcom embeded hardware, linux and windows OSs.
IT is very very easy to setup and there are about 5000 tutorials on how to do it..
IT will 100% fill the needs of your company. I prefer it to Cisco VPN 3000 hands down nevermind the cost......
\"Good from a far, but far from good\"
-
July 11th, 2007, 08:40 AM
#8
Well first of all what OS are you running on the Server that provides internet access?
What hardware routers do you have in place?
Are there are firewalls on the OS/hardware?
Depending on what you have in place already, there might be a facility to allow VPNs through routing and remote access for example on Windows 2003 Server.
Similar Threads
-
By killerbeesateme in forum *nix Security Discussions
Replies: 4
Last Post: April 17th, 2006, 09:09 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|