Linked by David Bogen on Mon 26th Jan 2004 04:47 UTC
For many systems administrators, choosing and managing a VPN system is often quite a headache. Inflexible clients, servers, and protocols often prevent VPN's from being smoothly integrated into an already functioning network. The fact that many VPN clients are installed on users' home computers, well out of the reach of the systems administration team, often means that troubleshooting and upgrading VPN systems is time consuming and a struggle for both admins and users.
Permalink for comment
To read all comments associated with this story, please click here.
To read all comments associated with this story, please click here.
Recent Original Stories
Recent Comments
Headlines
Random Comments
Random Stories
Random OS Link
@ Gabriel Ebner
Yes. See for example "Cryptographic Hardware Support" (OpenBSD's support, not OpenVPN's support) at http://www.openbsd.org/crypto.html for a list.
@ Chris Hamant
IPsec / VPN -> Transport layer.
SSL / SSH -> Application layer.
The difference or preference depends on what you want.
Imagine you work at a company and there's 2 offices. 1 in Great Britain, the main office. One in Germany, a small one. Now, a new software package got released which has to be moved to Germany over the internet in a secure way.
FTP to 10.0.200.1 which is then encrypted over the internet by VPN/IPsec. It goes a bit slower than over LAN but otherwise it is transparent.
Otherwise the internet address has to run FTP over SSL [the horror] or SSH.
VPN / IPsec also gets rid of NAT.
Those are a few practical differences...
A few years ago there was a brilliant article in C'T about VPN.