Network security general discussion

[Dave Mc]

I am in the process of deciding how to allow remote user access to our
network. I think I want to set up a VPN with both router-to-router IPSEC
tunnels for remote offices and a few PPTP tunnels for users from home. I
don't want to go crazy with security (not sure that's avoidable !).
My basic question is: It seems all the tunnels/encryption/??? in the world
aren't going to do any good if I don't have really strong passwords
everywhere. In other words, if some can crack into one or my router's setup,
they could create their own tunnel, etc. Am I missing something or is it
basically true that anyone's network security is only as good as their
weakest password ?

 

[Kerry Brown]

You can use two factor authentication. Here is one company that has a good
solution.

http://www.authanvil.com/

--
Kerry Brown
MS-MVP - Windows Desktop Experience: Systems Administration
http://www.vistahelp.ca/phpBB2/



"Dave Mc" <DaveMc@discussions.microsoft.com> wrote in message
news:EA5EA5EB-755D-448F-89AB-C4136B784CCC@microsoft.com...
>I am in the process of deciding how to allow remote user access to our
> network. I think I want to set up a VPN with both router-to-router IPSEC
> tunnels for remote offices and a few PPTP tunnels for users from home. I
> don't want to go crazy with security (not sure that's avoidable !).
> My basic question is: It seems all the tunnels/encryption/??? in the
> world
> aren't going to do any good if I don't have really strong passwords
> everywhere. In other words, if some can crack into one or my router's
> setup,
> they could create their own tunnel, etc. Am I missing something or is it
> basically true that anyone's network security is only as good as their
> weakest password ?