Re: Another RWW versus VPN question
- From: "MWE Computers Services" <mwecomputers@xxxxxxxxx>
- Date: Tue, 28 Mar 2006 00:46:58 -0500
Here is another way to look at it:
VPN = Connection via firewall/ISA to the SBS server and/or workstation,
setting up a static link back to the end user at his/her present location.
The VPN connection starting point (i.e. user's home workstation) needs to
have the most current anti-virus/anti-spyware enabled to make sure
everything is 'kosher' for the connection. Security is not the primary
focus, but making sure the data that is being transmitted is true and CRC
checked for verification needs is. If data passed to the SBS server or other
workstations aren't being proactively checked, this introduces greater risk
of system and/or network threats.
RWW = User connects via the firewall/ISA to the SBS server directly then to
the internal workstation. The user's home workstation doesn't have to be
running the most current of anti-virus/anti-spyware programs. All work is
done on the user's internal PC found on the corporate network, which if
based correctly, would have had all PCs locked down securely and updated w/
the latest anti-virus/anti-spyware programs. If home user drive is mapped to
internal site, proactive system monitoring will pick up any threats and deal
with them properly. Data on the internal network as well as the workstation
would be monitored proactively, thus reducing the chance of system and/or
network threats.
I hope that puts VPN vs RWW into a better perspective.
-- Michael
"John" <nospam@xxxxxxxxxxx> wrote in message
news:%23vzgUWhUGHA.2156@xxxxxxxxxxxxxxxxxxxxxxx
Setuphim
SBS2003 SP1 Standard
Dual NIC
SonicWall TZ150 with IPS, Antispyware and Antivirus services running
Ports 25,443,444,1723 and 4125 open
I have a client that recently had a programmer from a large security based
company come by and demo the Access database he is working on for them.
During the meeting (which I was not at) he tells the employee that hired
and the owner of the company that the current system is not very secureand
that he would never trust Microsoft to be responsible for the security ofanything
remote access. His solution is a PIX firewall and VPN access.
My client has asked me to put in writing the differences between his
solution and our current solution.
I have been researching on the web and newsgroups but haven't found
that gives me any concrete info on RWW versus VPN besides RWW not allowingfrom
full access to the network like VPN. i.e viruses infecting the network
the remote clientless
Is a VPN tunnel more secure that SSL? 128 bit versus 256?
Is having the SBS box perform the authentication for access inherently
secure than having a hardware device authenticate?
Does anyone know if my setup is compliant?
They deal in financial information and the Sarbans Oxley Act keeps getting
brought up
Sorry for all the questions but this is technically beyond my experience.
Thanks
John
.
- References:
- Another RWW versus VPN question
- From: John
- Another RWW versus VPN question
- Prev by Date: Re: AMD server MB - 800Mhz or 1Ghz HT?
- Next by Date: RE: Monitoring Database Fails every now and then...
- Previous by thread: Re: Another RWW versus VPN question
- Next by thread: Re: Another RWW versus VPN question
- Index(es):
Relevant Pages
|
