|
With that in mind, take a look at what a VPN will not do for your company:
A VPN will not ensure the integrity of the encrypted data. The most common method of encrypting, using the Encapsulating Security Payload (ESP), does include options to make sure that data is not modified after it has been encrypted. However, this does nothing to make sure that the data that is being encrypted is legitimate.
A VPN will not ensure the authenticity of the host sending the data. It is terribly easy to create an encrypted channel between two hosts. Every time you create an SSL connection with your Web browser to shop online or browse your company's private Web site, you are creating an encrypted channel. The real trick is to make sure that you are really connecting to the intended on-line merchant. It may be the case that every octet of data that you send is perfectly encrypted and that you are sending it right to an attacker who is gladly accepting all that you send him.
A firewall will not automatically make sure that your VPN traffic is safe for your network. That is, a firewall cannot do its job on encrypted information. If it could, it would defeat the purpose of encryption altogether.
|