Quoth randall at 2009-10-20 21:25... ... >> Personally, I'd be inclined to go for the VPS solution. That way, your >> people can get access to other network services - > > problem would only be that with VPN ALL their traffic would pass my > server (correct???), this would lead to serious speed/performance > decrease for all other traffic for most of the clients.
Probably me misunderstanding how your network is configured. If the application server is connected directly to the Internet, I'd remove it and have it sitting on an intranet/internal network instead. Then a gateway - whether a hardware router or another Linux box - would deal with firewalling and be the endpoint for the VPN. (I keep saying VPS - I use VPSs, but not VPNs ;-) This way, your server would only be getting the requests it has to handle. Authentication would be identifying users, but it would not be the whole security solution - most of that would be handled upstream. > VPN i guess you ment? it can work with a key AND a password (have not > implemented this tough since the laptops already have encrypted > partitions and strong passwords) That sounds fair enough then. Cheers M -- Matthew Smith Smiffytech - Technology Consulting & Web Application Development Business: http://www.smiffytech.com/ Blog/personal: http://www.smiffysplace.com/ LinkedIn: http://www.linkedin.com/in/smiffy Skype: msmiffy Twitter: @smiffy -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
