Hello,
I have a site with an engineer who needs to periodically get
onto an NT system at work from home using PCanywhere (or similar).
He has a home DSL line with a static IP address into an ISP that
also feeds the T1 connection to the company network.
The PC registries will be changed so that different ports from
the default two 56xx PCanywhere ports are used.
The company border router will have Access List entries allowing
only traffic from the static DSL IP address to the two PCanywhere
ports. Likewise the firewall will have similar access restrictions.
PCanywhere will be using MS "cryptoAPI" for encryption.
My question to the list is:
What are the benefits of having PCanywhere go over a VPN tunnel?
The argument I see *against* the VPN tunnel is that we are then
expanding our trust to the entire home PC with whatever trojans or
viruses might be on it. With just the PCanywhere application, the
trust is limited to that one application.
Any opinions out there on this one? Thanks for any advice.
- Randy [EMAIL PROTECTED]
-
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
