Chris Inskeep wrote:
>
> mam wrote:
> >
> > On Mon, 31 Mar 1997 mmozes @
fujitsu .
ca wrote:
> >
> > >
> > > Can someone tell me how secure Frame Relay network is?
> >
> > How secure do you believe the telco's network is? To exploite the frame
> > you need switch level access (or someone who does).
> >
> > Mike
> > ( ( | ( Mike Malik (mam @
ssds .
com)
> > ) ) (| ), inc. 9841 Broken Land Parkway,Suite 100
> > business driven Columbia, MD 21046
> > technology solutions 410-381-4313 FAX: 410-381-2170
> A really good point is raised in this observation. We put firewalls in
> place to protect our networks, but tend to forget about the public
> networks that carry our data between firewalls. Does anyone remember
> the MCI case a couple of years ago? I am less than sanguine about the
> security of the telco people -- after all security is a cost and they
> are after a profit. Has anyone put security reqs with real penalties
> into their contracts with the telcos? AND the results? I suspect
> there would be a fair number of no-bids....which makes a compelling
> argurment for encryption -- but for the people who are uncomfortable
> with commercially available encryption, how much of a comfort is that?
>
> Cheers,
> C. Inskeep
There are several solutions to encryption across WAN links
including Frame Relay. The Cisco routers have a software option with for
the 11.2.4 IOS that gives you either 40 (not secure) or 56 bit DES
encryption and secure router authentication and key ditribution. The
info on the 56 bit key length is that is takes 19 days and $500,000 to do
a brute force attack. As the $ increases, the time goes down. The other
consideration is what % of the info needs security. If only 2-4% is
valuable to the snooper then it becomes cost prohibitive ( unless it is
extremely valuable) to break all of your traffic to get at that piece.
The other option is a stand alone encryptor between your router
and the wan. The company I am familiar with in this arena is Cylink out
of San Jose Ca.
Good luck, Vern Williams
|
|
