Chris Lyon a écrit :
On Sun, Jun 15, 2008 at 1:05 PM, Hugo van der Kooij
<[EMAIL PROTECTED]> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Chris Lyon wrote:
| So from a security standpoint, Linux would be much harder to control
| since it would be a split tunnel. So the remote machines could be an
| entry point to the network.
Think of Linux machines as just another 3rd party gateway. Not as some
PC with a VPN client. So you rely on the admin of that other gateway as
you do with every other vpn.
Hugo.
So a considerable risk since we can't control the gateway and if these
remote machines have full access to the network?
they only have access to what you allow in your rulebase.
if you don't trust neither this gateway nor the network behind, perhaps
it's time to set up
authentication or migrate to a vpn ssl solution.
Scanned by Check Point Total Security Gateway.
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
