We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now

x

Explaination of secure access with SSL and VPN

Medium Priority
336 Views
Last Modified: 2010-04-11
So let's say you are at an airport, no encryption on the wireless link, but you use a VPN client such as Cisco, or connect to web sites using SSL. Does this  mean you are secure?/ And you can disregard the WEP or WAP security from the wifi device?  If someone is sniffing, is it all encrypted?
Comment
Watch Question

Commented:
it is secure if you are using ssl or ipsec (vpn) the traffic is encrypted and nobody can see it (or at least it is very very very difficult (almost impossible) that somebody can decrypt it)

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Author

Commented:
and adding wep or wap into mix is another layer of higher security?

Commented:
it is not extremely significant once you use IPSec, a little more for SSL, if you can choose use WAP and if you can add it 802.1x features.
There's a wiki for this at:
http://en.wikipedia.org/wiki/Virtual_Private_Network

Think of your communications over the internet (or wifi) as cars going through a mountain tunnel. If you don't shore up the tunnel with braces, it's going to collapse and rocks will get into your tunnel. But if the tunnel is properly secured, cars going through it will be safe.

Likewise you can make a VPN connection from your laptop through most anything (wifi, internet, lan, ...), but in it's raw form, it's an unsecured tunnel. If it's not secured properly, people can get in. If you use ipsec or SSL it will protect your communications by making a hardened, resistant tunnel. No matter where it goes, or over what computer it passes, it's going to be very difficult to break.

Now WEP or WAP creates a (somewhat) secure tunnel between you and the wifi device. But once hitting the internet, your tunnel is wide open. Should you disregard WEP or WAP on wifi? Yes, if you have setup some form of encryption on your VPN, you're just making a secured tunnel within a secured tunnel. True, nothing will even get through, but it's overly redundant.
Rich RumbleSecurity Samurai
CERTIFIED EXPERT
Top Expert 2006
Commented:
WEP and WPA are an added bonus to SSL and or Encrypted VPN tunnel, your very safe even without WEP/WPA. If your VPN uses a split-tunnel, internet traffic, like google.com, IM, hotmail etc... will go over the wep/wpa wifi access point, and internal traffic like company exchange email, or connecting to a shared drive/printer on the corporate lan, that traffic will go over the VPN tunnel. If you connect to an SSL site on the internet, and are split tunneling your secured by SSL.
-rich

Author

Commented:
Thanks for the input guys.

Yeah as a system admin I wanted to make sure that when I'm say in an airport and login with my domain admin user account on a open unencrypted Wifi access point, that no one could sniff what I am doing since I am browsing SSL 128bit secured sites.


Thanks again!
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.