Re: [PLUG] back-hauling or not (was VPN issues)

JP Vossen on 25 Jan 2009 14:12:33 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] back-hauling or not (was VPN issues)

From: JP Vossen <jp@jpsdomain.org>

To: plug@lists.phillylinux.org

Subject: Re: [PLUG] back-hauling or not (was VPN issues)

Date: Sun, 25 Jan 2009 17:12:24 -0500

Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Sender: plug-bounces@lists.phillylinux.org

User-agent: Thunderbird 2.0.0.19 (Windows/20081209)

> Date: Sat, 24 Jan 2009 22:42:32 -0500 > From: Robert Spangler <mlists@zoominternet.net> > Subject: Re: [PLUG] VPN issues > > If you require [a split tunnel] then you should first talk it over > [...] with your [boss] and company security before implementing this. I can't implement it. It's a unilateral policy from on-high. All I can do it work around it so that I can actually get my work done. > If this is your company then good luck. Nope. It's a 100K+ person multi-national. ('Nough said.) > I can tell you if I were the client I would require you to not expose > my network no matter how good/safe you believe you are. > > Just because something is easy for you doesn't make it right or safe. This kind of black and white attitude is why everyone hates the InfoSec guy (which I am one of, as I noted). The point is not that I think I am safe or that it's easier, the point is that this "security" policy PREVENTS ME FROM DOING ANY WORK. As any security person knows, security is a trade-off and is never an absolute. Preventing work from getting done is a bad trade-off from a business perspective and in the Real World(tm) the business case is going to trump the security case, especially when the security case (exposure) is arguable at best. Having said all of that, I appreciate people looking out for and being aware of security issues. It's just not always as clear cut as we'd all like... And back-hauling is a particular pet-peeve of mine, as I've run into similar issues lots of times before and have found this particular cure to be worse than the disease. Later, JP ----------------------------|:::======|------------------------------- JP Vossen, CISSP |:::======| http://bashcookbook.com/ My Account, My Opinions |=========| http://www.jpsdomain.org/ ----------------------------|=========|------------------------------- "Microsoft Tax" = the additional hardware & yearly fees for the add-on software required to protect Windows from its own poorly designed and implemented self, while the overhead incidentally flattens Moore's Law. ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

Follow-Ups:

Re: [PLUG] back-hauling or not (was VPN issues)
From: "K.S. Bhaskar" <ksbhaskar@gmail.com>

Prev by Date: Re: [PLUG] VPN issues

Next by Date: Re: [PLUG] back-hauling or not (was VPN issues)

Previous by thread: Re: [PLUG] Cat on keyboard

Next by thread: Re: [PLUG] back-hauling or not (was VPN issues)

Index(es):

Date

Thread