Thread: should I encrypt over a private network?
View Single Post
  #4 (permalink)  
Old 05-27-2008, 02:01 PM
marlow.andrew@googlemail.com
Guest
  
Posts: n/a
Default Re: should I encrypt over a private network?
Ertugrul Söylemez wrote:
> marlow.andrew@googlemail.com wrote:
>
> > Suppose a company has 2 sites, A and B, one is primary, the other is
> > secondary for DR reasons. A and B are separated significantly
> > geographically. Both A and B use a SAN for their data. A and B are
> > connected by a private network. The SAN data is replicated between A
> > and B over this private network using some replication product.

> The network is only being private in that selected people are given
> access to it

No, not in this case. I should have been clearer. It is private
because there is dedicated circuitry. It really IS a private network,
NOT a VPN.

> In practice, the network is
> just as open as all geographically diffused networks. Someone may
> install wiretaps or even just connect to the network like all others.

I was worried about breaches originating via inside jobs. Since the
circuitry is private no-one else can connect to it easily. Wiretaps
are still a possibility.

>
> So indeed, your worries aren't unfounded. Usually it's best to encrypt
> the link using your VPN product of choice, like OpenVPN.

This is not a VPN. My understanding (and I am a beginner here) is that
all VPNs use encryption as std.

-Andrew Marlow

Reply With Quote