The security problem is the VPN core question. At present, the VPN security guarantees is mainly through the firewall technology, the router matches by the tunnel technology, the encryption agreement and the safe dense spoon realizes, guaranteed sufficiently the enterprise staff safety visits the company network.
But, if enterprise's VPN needs to expand to the long-distance access time, must pay attention, these to the company net direct or the online connection will be the hacker attack essential targets throughout. Because, the long-distance work staff's may contact the company through firewall outside personal computer to budget, central contents and so on strategic planning as well as engineering project, this constituted in the company safe defense system's weakness. Although, the staff may double raise the working efficiency, and reduces the time which spends in the transportation, but simultaneously also for the hacker, the competitor as well as the commercial spy provided entered the company network core innumerably the opportunity.
But, the enterprise has not given the enough value to the long-distance range work's security: The majority companies believed that after the company network is in together the network firewall, is safe, the staff may the digit dialing enter the system, besides but the firewall will resist all illegal requests; Also some network administrators believed that provides VPN for the network establishment firewall and for the staff, enables them to be possible to enter the company network through an encryption tunnel digit dialing is safe. These views are incorrect.
In the home work is good, but looking from the safe viewpoint, it is one kind of enormous threat, because, the company uses the majority security softwares have not provided the protection for the home computer. Some staffs do merely enters a home computer, follows it to enter the company network system through an authorized connection. Although, company's firewall may isolate the trespasser in outside, and guarantees between the main office and the Home office the VPN information security. But the question lies, the trespasser may the user who trusts enter through one network. Therefore, the encryption tunnel is safe, the connection is also correct, but this does not mean that the home computer is safe.
The hacker to invade staff's home computer, needs to survey the IP address. Some statistics indicated that the use digit dialing connection's IP address receives hacker's scanning nearly every day. Therefore, if has a such as DSL uninterrupted connection link in the home office workers (usual this kind of connection to have a fixed IP address), will make hacker's invasion to be easier. Because, digit dialing connection when each time turns on is assigned the different IP address, although it can also invade, but wants difficult somewhat relatively. Once the hacker has invaded the home computer, he then can the long-distance movement staff's VPN client side software. If needs to input the password, may the long-distance record or examines the screen to keyboard's rap to demonstrate, such hacker then may see the staff sees all.
Other pages: : 1 * 2 * Next>>
|