Achieving Wireless Security with Interoperability
Though the concept of an ultra-high level of wireless networking security and information assurance is somewhat opposed to the concept of open interoperability with a wide spectrum of 3rd party vendors' wireless equipment, this paper is intended to show that 3eTI FIPS 140-2 validated and Common Criteria certified wireless equipment is interoperable with multiple vendors' IEEE 802.11-compliant equipment, and that 3eTI solutions are non-proprietary. 3eTI has blazed the trail in marrying the IEEE 802.11i commercial standard for enhanced wireless security with FIPS 140-2 validation requirements per the NIST Cryptographic Module Validation Program (CMVP).
Remote Access VPN and a Twist on the Dangers of Split Tunneling
If you ever want to get a rise out of your ISA firewall VPN administrator, try asking him how you enable split tunneling for your remote access VPN client connections. Split tunneling is a major security risk for any organization that deploys any type of VPN server enabling users VPN remote access to the corporate network. All firewall and security administrators know of the dangers of split tunneling and do whatever they can to prevent this from happening.
Evolution by Proxy Server
Proxy servers share Internet access at the application level, which means every client program must be individually configured to talk to the proxy server. This is an effective way to allow extremely limited kinds of Internet access, but many organizations found the configuration requirements to be a burden. With the development of Network Address Translation (NAT), organizations could share an Internet connection at the network level, which greatly simplified the process.
Getting Linux Online via a Windows Proxy using AnalogX
This document is intended for those of you who are having trouble figuring out how to configure PPP networking for your Linux box. Or maybe you found out too late that you have a WinModem, and haven't gotten around to getting a new one. I found a great temporary solution for those of you who want to be able to get online on your Linux box using your other Windows box as a Proxy server, bypassing your PPP networking headaches. This is a great way for you to get online with your Linux box to download the drivers you need to compile/install to get all your hardware in your Linux box running. Then you can break your tether to the Windows box if you want to!
Fixing common DNS problems
How to Keep Your DNS from Blocking Mail Delivery from your and your Clients' Mail Servers. Short, snappy headlines rule, OK! IPv6, when widely implemented (you do have a plan, don't you?) will fix a ton of Internet security problems. Until Nirvana arrives, we'll have to do the best we can with the (DNS) technology in hand, which is a lot better than the mess we've got now.
Microsoft DNS
Microsoft DNS is not a requirement for Active Directory. Microsoft DNS on Windows 2000 is RFC-compliant and allows for the deployment of Active Directory under other DNS implementations. It has been tested to work with Windows NT 4.0, BIND 8.2, BIND 8.1.2, and BIND 4.9.7.
Supporting ISA Firewall Networks Protecting Illegal Top-level Domains: You Need a Split DNS!
Of all the issues in ISA firewall networking, the one that most commonly gets people hot under the collar is that of the split DNS. I've never been able to figure out why barriers go up for a lot of folks when you begin to talk about a split DNS. Maybe it's because they believe they need to rename their internal network domains, or that they think there is an adverse security impact, or maybe it's just because DNS is so difficult to understand in the first place, that the idea of further complicating the issue puts them over the edge.
Enabling DHCP Relay for ISA Firewall VPN Clients
We all know that the ISA firewall provides unparalleled firewall protection when the ISA firewall is placed on the Internet edge, DMZ, or on one of the perimeters of your internal network security zones. In addition to the ISA firewall's state of the art stateful packet and application layer inspection mechanisms, the ISA firewall is a one of a kind VPN server and VPN gateway that allows both remote access and VPN gateway connections to the ISA firewall. Of all the VPN devices I've ever worked with (and I've worked with a lot of them), the ISA firewall's VPN is the easiest to configure and the most secure I've ever seen.
Routing in Linux
Before beginning, you should make sure that Linux has been set up properly on the machine you intend to use as a router. Check that TCP/IP networking is installed properly by trying to ping 127.0.0.1, then check that ipchains is installed by typing "ipchains -L" (note: the machine set up as a router for this article used a Server install of RedHat 6.2, and all networking services were installed and set up properly by the installation program).
Sorting Through the Hype of Ubiquitous Secure Remote Access and SSL VPNs
If I told you that I could give you a car, exactly like the car you already own with the exception that it gets 1,000 miles/gallon and would have no maintenance costs for 10 years, would you start asking me about adding cup-holders? I doubt it-I sure wouldn't. However, if I told you that I could replace your existing remote access solution with one that provides the exact same capability, but has increased deployment flexibility, increased security options, a lower TCO and faster ROI-I am constantly questioned about whether it can provide "ubiquitous" access. The short answer is "No." The real answer is "No. You shouldn't expect it to, don't really want it to and don't really need it."