
RE: Windows 2000 and Cisco router interoperability



This would be the Authorization piece of the Authentication,
Authorization, and Accounting infrastructure.

    chinna

On Wed, 17 May 2000, Chris Trobridge wrote:

> > From: CHINNA N.R. PELLACURU [mailto:pcn@cisco.com]
> 
> > When we use L2TP to provide a VPN link to a user into the private network,
> > it is just emulating as if the user is on the private network. When a user
> > requests for VPN access, he has to authenticate and prove his credentials
> > before he can gain access to private network.
> > 
> > Once the user has gained access, he is virtually on the private network.
> > He can do whatever he would be normally allowed to do when he is
> > physically on the private network. So, if your private network allows one
> > user to easily spoof other users, then that is _not_ a failure of the VPN
> > technology, but your security infrastructure in the private network.
> 
> This assumes that policy does treat 'dial-in' users as the same as networks
> physically on the network.  I think this is an invalid assumption.  I am
> sure that certain organisations would regard remote access as being less
> secure and would want to restrict the resources that could be accessed
> remotely.  This doesn't even have to mean that the VPN technology itself is
> inadequate, merely that the environment that the remote user is operating in
> may not be regarded to be secure enough.
> 
> Chris
> 

chinna narasimha reddy pellacuru
s/w engineer



