RE: [Nea] RE: Detecting Compromised Endpoints




> But this just has to be answered.  There's a fundamental difference 
> between compromise of something like an IPSEC client, and compromise
> of an agent.  If I compromise an IPSec client in some way, it 
> doesn't affect the security state of the VPN gateway, only
> that of the client.

Not so fast. :-)

If an IPsec client is compromised - a malicious host is given access
(via VPN) to the intranet. If a NEA agent is compromised - a malicious
host is given access to the intranet. In both cases the intruder gets a
shot at the internal network. The difference with NEA is that NEA tries to
ensure that most every host connected to the intranet is at the top
security level.

P.S. While I appreciate the concern about the state of the VPN gateway,
usually it's not the door lock but the contents of the house that I want
to keep secure. So if an adversary managed to find a way inside - it's
not as important to me whether my door lock stayed intact.

_______________________________________________
Nea mailing list
Nea at ietf.org
https://www1.ietf.org/mailman/listinfo/nea



