[Info-vax] Still no IPSEC for TCP/IP services?

Doug Phillips dphill46 at netscape.net
Wed May 23 20:20:09 EDT 2012 

On May 23, 5:25 pm, "Richard Maher" <maher... at hotspamnotmail.com>
wrote:
> "David Froble" <da... at tsoft-inc.com> wrote in message
>
> news:jpj6bb$83j$1 at dont-email.me...
>
> >> Juniper VPN any use?
>
> >> Cheers Richard Maher
>
> > I honestly don't know.  I'm doubting it.  I'm ASSUMING that any appliance
> > would need any connections established directly from the appliance.  I
> > could be wrong.
>
> > What I envision is having a database of pre-arranged partners and bring up
> > and take down specific connections upon demand.  I'm not aware of anything
> > secure that can be set up without prior cooperation from the remote end,
> > but maybe I don't get out much.
>
> > As a client I'd expect that required connections would be known.
>
> > As a service I'd expect that new and previously unknown connection
> > requests would be normal.
>
> > Since most of the data is lawn mower parts, we're rather comfortable with
> > unencrypted socket connections.  But when a credit card number is part of
> > the data, things get rather ugly.
>
> > I still haven't found a solution that I like.
>

Richard, you say:


> Yes IPSEC on VMS is what you want/need. As others have said Multinet has it
> now.
>

and then:

> Like you, I don't know enough about the Juniper SSL VPN offering but it
> sounds like it fits the bill(ish).

Are those two statements related to each other? From what I read, the
Juniper SSL VPN doesn't do IPsec. Some of their other models, do.

> Whether the client install is an Applet
> or something that requires much configuring, I do not know.


I read: "Uses SSL 	Secure remote access solution with no
client software deployment, no maintenance, and no changes to
existing servers."

I guess they presume the client's browser has SSL built in. Are
there any browsers that can't do HTTPS today?

> All I've done is
> watch the clip on their web-site.
>
> If someone here knows more then please let us know.
>

I know nothing more. I use Cisco and WatchGuard and it looks like
Juniper has a similar product line.

AFA what David wants to do, it sounds like typical e-commerce web-
server
stuff. I don't see what IPsec would do for him unless his serving-
partners
require it. Any access to some partner-owned data would either need
them to have the data exposed, or it would need "prior cooperation
from the remote end." Not enough information to say anything for sure.

More information about the Info-vax mailing list