DENNING89 Denning, Peter J.; The Internet Worm; American Scientist, Vol 77, March-April, 1989. FIPS73 Federal Information Processing Standards Publication 73, Guidelines for Security of Computer Applications; National Bureau of Standards, June, 1980. FIPS112 Federal Information Processing Standards Publication 112, Password Usage; National Bureau of Standards, May, 1985. MACAFEE89 McAfee, John; The Virus Cure; Datamation, Feb 15, 1989. NBS120 NBS Special Publication 500-120; Security of Personal Computer Systems: A Management Guide; National Bureau of Standards, Jan 1985. SPAFFORD88 Spafford, Eugene H.; The Internet Worm Program: An Analysis; Purdue Technical Report CSD-TR-823, Nov 28, 1988. THOMPSON84 Thompson, Ken; Reflections on Trusting Trust (Deliberate Software Bugs); Communications of the ACM, Vol 27, Aug 1984. 7..3.4 NAI White Paper. “Current Computer Virus Threats, Countermeasures and Strategic Solutions”.1997 7.4 NAI White Paper. “Current Computer Virus Threats, Countermeasures and Strategic Solutions”.1997
202 202 8.0 Virtual Private Networks: Introduction 8.1 Making Sense of Virtual Private Networks The VPN market is on the verge of explosive growth. A virtual private network (VPN) broadly defined, is a temporary, secure connection over a public network, usually the Internet. Though the term is relatively new, everyone from the telcos, to operating system vendors, to firewall suppliers and router companies has rushed to offer some type of VPN capability. Why? Because VPNs make sense, and as a result, the market is expected to reach at least several billion dollars by the year 2001. By leveraging the Internet, VPNs offer significant cost savings, greater flexibility, and easier management relative to traditional internetworking methods, such as leased lines and dial-up remote access. However, choosing an appropriate solution from the recent flood of VPN offerings can be a difficult task for information technology managers who have no spare time. Each solution presents varying levels of security, performance, and usability, and each has its benefits and drawbacks. Though a catch-all Internet security solution sounds appealing, there is currently no product that can equally address the different aspects of securing online communication. As a result, the VPN market has begun to stratify according to corporate demands for tighter security, better performance, and effortless usability and management. To select an appropriate product, IT managers should be able to define their corporation's particular business needs. For instance, does the company only need to connect a few trustworthy remote employees to corporate headquarters, or does the company hope to create a secure communications channel for its branch offices, partners, suppliers, customers, and remote employees? At minimum, a VPN should encrypt data over a dynamic connection on a public network to protect the information from being revealed if intercepted. Beyond that basic function, VPN features customarily include tools for authentication, and a limited number provide integrated access control and authorization capabilities. In
You've reached the end of your free preview.
Want to read all 325 pages?