|
What exactly are you using SSL to protect? I guess I'll assume you're protecting telnet/tn5250 logons... In that case, SSL can be (arguably) more secure than a VPN. Turn on client authenticaion, so that the client MUST present a valid certificate, and have the AS/400 only accept certificates signed by itself. Very secure. And what makes this even more secure than a VPN is that if the remote system were hacked (the end-user that's offsite) then they'd only be able to get a sign-on screen. And with that, they'd have to know a name and password... whereas, with a VPN, they'd have access to the whole network, potentially there'd be something exploitable. Of course, like everything in computer security, if it's set up poorly either option could be insecure... HTH On Wed, 6 Feb 2002, Roger Vicker, CCP wrote: > Hello, > > For an AS/400 (V5R1M0) tucked behind a firewall would using SSL be > that much more of a risk than using the firewall's VPN upgrade and > clients? By opening the needed SSL ports and issuing the certificates > the cost would be minor compared to VPN. The expected users would not > need access to other protected network resources so that added > capability of VPN is not needed. > > Thanks for your expertise and opinions, > > Roger Vicker, CCP
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.