|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Level3 routing issues?
at Monday, January 27, 2003 7:50 PM, [email protected] <[email protected]> was seen to say: > This is not correct. VPN simply extends security policy to a different > location. A VPN user must make sure that local security policy > prevents other traffic from entering VPN connection. This is nice in theory, but in practice is simply not true. even assuming that the most restrictive settings are used (user may not install software by admin setting, has no local administration on his machine, IP traffic other than via the VPN is exclusive to the vpn client) it is *still* possible that the machine could be compromised by (say) an email virus who then bypasses security by any one of a dozen routes.
|