I'd start by requesting sufficient testing time to verify that it's use doesn't 
compromise your systems which (if they allow it) gives you time to raise the 
red flags on your already discovered issues.

 John W. Cook
Network Manager
Partnership For Strong Families
5950 NW 1st Place
Gainesville, Fl 32607
Office (352) 244-1610
Cell     (352) 215-6944
MCSE, MCP+I, MCTS, CompTIA A+, N+, VSP4, VTSP4, MCVP

From: Sam Cayze [mailto:[email protected]]
Sent: Monday, February 13, 2012 9:33 AM
To: NT System Admin Issues
Subject: Client requiring a VPN Connection to their network... Um?

Concerned about this, not sure how to proceed, and this is a first for me.

A long time customer has suddenly required that we access their B2B portal via 
installing their VPN software, essentially connecting to their network in order 
to access the portal. (We in the past, and going forward, we utilize heavily).

My concerns:
They gave us 1 day notice.  (Hardly, more like 12 hours).  They emailed us 
Sunday and expected that I have the vpn clients installed on all PCs by the AM.
I have no idea of their security on the tunnel, and what lies on their network 
that could seep onto our machines.
Their tunnelling policy is not to my liking... It hijacks all our connections, 
so that our users would not be able to print, access email, file servers, our 
gateway, etc.  (Which might be safer... the networks essentially can't talk to 
each other.) So there would be no way our users could get anything done with 
the connection active.
By their short notice and poor planning, the poor documentation, and the badly 
configured installer they gave us, I just don't have much trust in the system 
and their security practices.

I know this must happen elsewhere with B2B stuff, is there a model I should be 
following?  Questions I should be asking?  Agreements and security policies to 
be signed?  I would sure think so.

In the mean time, I'm going to set up a dumb-kiosk on an isolated network with 
the VPN software so my users can at least walk up to it and access what they 
need so our projects keep moving.  I'm going to try and address my concerns 
with them, but from what I hear, their IT dept is quite hard to work with, if 
you can even get anyone to help.  (It's a very large company).

Any thoughts and suggestions would be highly appreciated.  TIA.

Sam




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
[email protected]<mailto:[email protected]>
with the body: unsubscribe ntsysadmin

________________________________
CONFIDENTIALITY STATEMENT: The information transmitted, or contained or 
attached to or with this Notice is intended only for the person or entity to 
which it is addressed and may contain Protected Health Information (PHI), 
confidential and/or privileged material. Any review, transmission, 
dissemination, or other use of, and taking any action in reliance upon this 
information by persons or entities other than the intended recipient without 
the express written consent of the sender are prohibited. This information may 
be protected by the Health Insurance Portability and Accountability Act of 1996 
(HIPAA), and other Federal and Florida laws. Improper or unauthorized use or 
disclosure of this information could result in civil and/or criminal penalties.
Consider the environment. Please don't print this e-mail unless you really need 
to.

This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the company. 
Warning: Although precautions have been taken to make sure no viruses are 
present in this email, the company cannot accept responsibility for any loss or 
damage that arise from the use of this email or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to [email protected]
with the body: unsubscribe ntsysadmin

Reply via email to