The usual way of doing this would be to have a VPN tunnel between your edge firewall and theirs and to use your firewall to acl access between the networks.
From: Sam Cayze [mailto:[email protected]] Sent: 13 February 2012 14:33 To: NT System Admin Issues Subject: Client requiring a VPN Connection to their network... Um? Concerned about this, not sure how to proceed, and this is a first for me. A long time customer has suddenly required that we access their B2B portal via installing their VPN software, essentially connecting to their network in order to access the portal. (We in the past, and going forward, we utilize heavily). My concerns: They gave us 1 day notice. (Hardly, more like 12 hours). They emailed us Sunday and expected that I have the vpn clients installed on all PCs by the AM. I have no idea of their security on the tunnel, and what lies on their network that could seep onto our machines. Their tunnelling policy is not to my liking... It hijacks all our connections, so that our users would not be able to print, access email, file servers, our gateway, etc. (Which might be safer... the networks essentially can't talk to each other.) So there would be no way our users could get anything done with the connection active. By their short notice and poor planning, the poor documentation, and the badly configured installer they gave us, I just don't have much trust in the system and their security practices. I know this must happen elsewhere with B2B stuff, is there a model I should be following? Questions I should be asking? Agreements and security policies to be signed? I would sure think so. In the mean time, I'm going to set up a dumb-kiosk on an isolated network with the VPN software so my users can at least walk up to it and access what they need so our projects keep moving. I'm going to try and address my concerns with them, but from what I hear, their IT dept is quite hard to work with, if you can even get anyone to help. (It's a very large company). Any thoughts and suggestions would be highly appreciated. TIA. Sam ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin -- MIRA Ltd Watling Street, Nuneaton, Warwickshire, CV10 0TU, England Registered in England and Wales No. 402570 VAT Registration GB 100 1464 84 The contents of this e-mail are confidential and are solely for the use of the intended recipient. If you receive this e-mail in error, please delete it and notify us either by e-mail, telephone or fax. You should not copy, forward or otherwise disclose the content of the e-mail as this is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
