Version: 2008
Advanced Search
advertisement
advertisement

Forum display:

Broadband: Making My Cisco VPN even better

by tennywont - 10/4/08 1:06 PM
advertisement
Click Here
Post 1 of 6

Making My Cisco VPN even better

by tennywont - 10/4/08 1:06 PM

My company's Cisco VPN gives us no trouble, but there is increasing sensitivity to the normal authentication measures we impose--a simple username and password. I know we can manage these policies in to steadily increasing complexity but it would be great to enhance security through some (hopefully without deployment of tokens and certificates). Any ideas?

Reply
Permalink
Report offensive post
Post 2 of 6

2-factor authentication solutions.

by agoldwater - 10/18/08 5:40 PM In reply to: Making My Cisco VPN even better by tennywont

There are some 2-factor solutions that don't require purchase or management of tokens. These allow you to leverage hardware already in the hands of your users--phones and pagers. I would recommend phone solutions these days for a few reasons, not the least of which is that more people have phones these days than pagers.

Reply
Permalink
Report offensive post
Post 3 of 6

Phone solutions

by john_j_berry123 - 10/20/08 7:38 PM In reply to: 2-factor authentication solutions. by agoldwater

Hi Guys,

What happens if you lose your phone? Isn't that a security risk?

Reply
Permalink
Report offensive post
Post 4 of 6

low security risk

by baxtersingh - 10/25/08 11:25 AM In reply to: Phone solutions by john_j_berry123

Although it would be bad for you if you lost your phone, It would not be a security risk per se, unless the person who happened to find it also knows your username and password. You could very quickly transfer the second factor authentication to another phone--say your landline and be just fine. I've fiddled with a service called PhoneFactor (www.phonefactor.com/solutions/remote-access-vpns/) which has worked well for us. There is some pretty good flexibility managing a 2nd factor solution for cisco remote access vpn authentication

Reply
Permalink
Report offensive post
Post 5 of 6

Thanks, I feel better

by john_j_berry123 - 10/27/08 6:51 PM In reply to: low security risk by baxtersingh

Thanks for that point, yes your right, losing your phone is only a concern if they know your username and password, so it's really a moot point.

I actually downloaded and set-up Phone Factor, I've been concerned about the strength of Username & Password only protection for a while. Phone Factor was so easy to set up!!!!

Man, all good so far. I'm sleeping better.

Reply
Permalink
Report offensive post
Post 6 of 6

You found it!

by tennywont - 11/8/08 8:26 PM In reply to: Thanks, I feel better by john_j_berry123

Congratulations, I was going to suggest PhoneFactor or some other token-less, certificate-less solution to start.

Reply
Permalink
Report offensive post
rss
Forum legend:
Locked Locked thread
Moderator Moderator
CNET staff CNET staff
Samsung staff Samsung staff
Norton Authorized Support team Norton Authorized Support team
AVG staff AVG staff
Windows Outreach team Windows Outreach team
Dell staff Dell staff
Intel staff Intel staff
Powered by Jive Software
Forums
Site map
FAQs
Usage policies
Real time activity
Meet the moderators
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET