First you must define what kind of SSL VPN you are talking about, for example there's a huge difference between OpenVPN and the web re-writing portals. Things like SSL strip may or may not be a factor depending on the choice.
I am a huge OpenVPN fanbois, and have been for years. Jack On 10/19/10, Michael Douglas <[email protected]> wrote: > Hey all, > > I'm trying to determine what protocols should be permitted on a new > VPN concentrator. > > I'd like to stick with IPSec, it's tried and true, and to quote Garth: > "We fear change". However, it seems that all the vendors are going > down the SSL route. Now I know SSL is 'safe', but it seems like it's > more open to attacks like SSLStrip (thanks again Moxie for making us > aware of the problems!) I get that SSL is easier for administrators > and end users alike, but is that convenience at too high a cost? > > So what are your thoughts? Am I being too paranoid? If there are > articles or places where I should RTFM, that's cool... I just need to > know what FM to read!! Please send the links/info ;-) > > > Thanks for your input, and have a nice day! > - Mick > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > -- Sent from my mobile device ______________________________________ Jack Daniel, Reluctant CISSP http://twitter.com/jack_daniel http://www.linkedin.com/in/jackadaniel http://blog.uncommonsensesecurity.com _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
