[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] VPN Security using SecureRemote and Cable LAN Modems

To: 'Fw-1 Mail List' <fw-1-mailinglist@lists.us.checkpoint.com>
Subject: [FW1] VPN Security using SecureRemote and Cable LAN Modems
From: "Schepers, Mike" <mscheper@ciena.com>
Date: Thu, 29 Apr 1999 09:33:37 -0400



I have a question regarding SecureRemote.  Many of my users are asking
for higher speed access (i.e. Cable modems) and I am concerned about
their security.  My understanding is that cable modems operate in a
shared environment (community) and most all cable ISP equipment does
not/will not encrypt the data stream from individual users.  Thus,
access is open to even an light-weight hacker.  I understand the
principles behind the SecureRemote offering from CheckPoint that will
create a secure encrypted VPN between the remote PC and the Company
network (through the firewall).

What I can not get a satisfactory answer to is how exactly does the
SecureRemote application works with the PC TCP/IP stack; does it
completely take it over so that ALL communication is secure... or can
this remote PC be used as a gateway system for a hacker to hop between
the Internet and private company network?  Also, does the security
scenario change with the introduction of a cable LAN modem?  For a
company that wants to maintain security should we enforce distributed
PC/personal firewalls?

Following is an excerpt from CheckPoint's web site regarding
SecureRemote... which would seem to indicate that only communication
between the PC and the corporate network is secured... not communication
to the PCs ISP.  And there was not mention of security against an
attempt to use this PC as a gateway point of attack.

	Once established, the VPN will transparently encrypt and
authenticate 
	business critical data traveling between the corporate network
and the 
	user's laptop or desktop PC to protect against eavesdropping and

	malicious data tampering. 

Can anyone point me in a direction where I can obtain some more
conclusive information regarding this issue.

I greatly appreciate your help.

Sincerely,
Mike Schepers (mscheper@ciena.com)



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] THANKS! Re: NT and routing (newbie)
Next by Date: [FW1] SecureView Documentation
Prev by thread: [FW1] THANKS! Re: NT and routing (newbie)
Next by thread: Re: [FW1] VPN Security using SecureRemote and Cable LAN Modems
Index(es):
- Date
- Thread