> Nortel's Contivity Extranet client has a feature that basically re-routes
> all traffic from and to the client through the secure tunnel.
What this basically means is that in addition to the VPN, it has installed
a firewall (to filter access to other services) and modified the routing
table on the client. There's no reason other than marketing that this sort
of functionality needs to be combined with a VPN... it would work just as
well with a DUN connection instead of a VPN.
This doesn't change my point... that with a VPN you're making every client
an integral part of the internet firewall... it just means that they're
actually putting a firewall package in to alleviate the problem. Given the
lack of security in Windows 95, and even NT, I'm not exactly happy with
this solution... but it *is* better than sticking your head in the sand.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
