Posted by: Anonymous Coward
on September 28, 2005 09:32 PM
"Along with strong security we must also factor in ease of use and evaluate the cost of the risk."
I agree with that statement, however, SSL VPN vendors are not explaining the weaknesses of their solutions or methods to configure these devices to avoid those weaknesses. They are doing this in the name of selling more devices and are sweeping the security issues under the rug. This is precluding non-security experts from performing valid risk analysis. So folks are implementing these devices and thinking (analyzing their risk) that they have the same security that their traditional VPN devices provided.
Learn about Linux
Download Linux
Get Linux help
Invalidating effective risk analysis
Posted by: Anonymous Coward on September 28, 2005 09:32 PMI agree with that statement, however, SSL VPN vendors are not explaining the weaknesses of their solutions or methods to configure these devices to avoid those weaknesses. They are doing this in the name of selling more devices and are sweeping the security issues under the rug. This is precluding non-security experts from performing valid risk analysis. So folks are implementing these devices and thinking (analyzing their risk) that they have the same security that their traditional VPN devices provided.
#