Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Explaination of secure access with SSL and VPN

Posted on 2006-10-26
6
Medium Priority
?
316 Views
Last Modified: 2010-04-11
So let's say you are at an airport, no encryption on the wireless link, but you use a VPN client such as Cisco, or connect to web sites using SSL. Does this  mean you are secure?/ And you can disregard the WEP or WAP security from the wifi device?  If someone is sniffing, is it all encrypted?
0
Comment
Question by:shankshank
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 3

Assisted Solution

by:mahe2000
mahe2000 earned 400 total points
ID: 17813938
it is secure if you are using ssl or ipsec (vpn) the traffic is encrypted and nobody can see it (or at least it is very very very difficult (almost impossible) that somebody can decrypt it)
0
 
LVL 5

Author Comment

by:shankshank
ID: 17813950
and adding wep or wap into mix is another layer of higher security?
0
 
LVL 3

Expert Comment

by:mahe2000
ID: 17814279
it is not extremely significant once you use IPSec, a little more for SSL, if you can choose use WAP and if you can add it 802.1x features.
0
Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

 
LVL 3

Accepted Solution

by:
bsautter33 earned 1000 total points
ID: 17814732
There's a wiki for this at:
http://en.wikipedia.org/wiki/Virtual_Private_Network

Think of your communications over the internet (or wifi) as cars going through a mountain tunnel. If you don't shore up the tunnel with braces, it's going to collapse and rocks will get into your tunnel. But if the tunnel is properly secured, cars going through it will be safe.

Likewise you can make a VPN connection from your laptop through most anything (wifi, internet, lan, ...), but in it's raw form, it's an unsecured tunnel. If it's not secured properly, people can get in. If you use ipsec or SSL it will protect your communications by making a hardened, resistant tunnel. No matter where it goes, or over what computer it passes, it's going to be very difficult to break.

Now WEP or WAP creates a (somewhat) secure tunnel between you and the wifi device. But once hitting the internet, your tunnel is wide open. Should you disregard WEP or WAP on wifi? Yes, if you have setup some form of encryption on your VPN, you're just making a secured tunnel within a secured tunnel. True, nothing will even get through, but it's overly redundant.
0
 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 600 total points
ID: 17815977
WEP and WPA are an added bonus to SSL and or Encrypted VPN tunnel, your very safe even without WEP/WPA. If your VPN uses a split-tunnel, internet traffic, like google.com, IM, hotmail etc... will go over the wep/wpa wifi access point, and internal traffic like company exchange email, or connecting to a shared drive/printer on the corporate lan, that traffic will go over the VPN tunnel. If you connect to an SSL site on the internet, and are split tunneling your secured by SSL.
-rich
0
 
LVL 5

Author Comment

by:shankshank
ID: 17889438
Thanks for the input guys.

Yeah as a system admin I wanted to make sure that when I'm say in an airport and login with my domain admin user account on a open unencrypted Wifi access point, that no one could sniff what I am doing since I am browsing SSL 128bit secured sites.


Thanks again!
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you're a modern-day technology professional, you may be wondering if certifications are really necessary. They are. Here's why.
Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question