Split Tunneling Security

Recall from Chapter 4, "Cisco VPN 3000 Remote Access Preshared Key Configuration," that an administrator can allow connecting clients to perform split tunneling. With split tunneling, the client encrypts only the traffic destined for the remote end of the tunnel; data destined for the outside world or the local LAN bypasses the encrypted tunnel and is sent as clear text out to the LAN or the Internet. If the client were somehow compromised by an attacker while the tunnel was still connected, the attacker could possibly use the client as a transport to attack the central location. A likely deterrent for this type of situation is to install a software firewall on the client's workstation. With the firewall in place, you add another layer of defense that attackers would need to break through to achieve their goals.
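The following audit sketch is an added example, not taken from the book or from Cisco software. It applies longest-prefix matching to a constructed client routing table to show which destinations leave encrypted and which leave in clear text, and flags a split-tunneling client that has no host firewall. The interface names `vpn0` and `eth0`, the prefixes, and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed client routing table: (destination prefix, egress interface).
# "vpn0" (tunnel adapter) and "eth0" (physical NIC) are assumed names.
ROUTES = [
    ("0.0.0.0/0", "eth0"),        # default route stays on the physical NIC
    ("192.168.1.0/24", "eth0"),   # local LAN
    ("10.10.0.0/16", "vpn0"),     # central-site network reached through the tunnel
    ("10.10.50.0/24", "vpn0"),
]

def parse(routes):
    return [(ipaddress.ip_network(p), ifc) for p, ifc in routes]

def egress(routes, dest):
    """Longest-prefix match: interface a packet to dest leaves on, or None."""
    addr = ipaddress.ip_address(dest)
    matches = [(n, i) for n, i in parse(routes) if addr in n]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def audit(routes, tunnel_if, firewall_enabled):
    """Report whether the client is split tunneling and lacks a host firewall."""
    table = parse(routes)
    tunneled = sorted(str(n) for n, i in table if i == tunnel_if)
    default_if = next((i for n, i in table if n.prefixlen == 0), None)
    # Split tunneling: some prefixes use the tunnel, the default route does not.
    split = bool(tunneled) and default_if != tunnel_if
    return {
        "split_tunnel": split,
        "tunneled_prefixes": tunneled,
        "clear_text_default": default_if if split else None,
        # The situation the passage warns about: the clear-text path and the
        # tunnel are live at the same time with no firewall on the workstation.
        "needs_firewall": split and not firewall_enabled,
    }

if __name__ == "__main__":
    for dest in ("10.10.50.7", "192.168.1.20", "8.8.8.8"):
        print(dest, "->", egress(ROUTES, dest))
    print(audit(ROUTES, "vpn0", firewall_enabled=False))
```
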



CSVPN Exam Cram 2 (Exam 642-511)
ISBN: 078973026X
EAN: 2147483647
Year: 2002
Pages: 185
