On Mon, 19 Oct 2009, Richard Chycoski wrote: > Microsoft isn't the only company talking about these kinds of > capabilities. The expectation to be able to use every kind of device > (laptop, smartphone, etc.) along with corporations' desire to stop > having to pay for them (let the employees buy their own!) means that > many corporations are starting to punch all kinds of holes of various > flavours into their network to let people use their iPhone/Windows > Mobile phone/Pre/etc. as well as individually owned laptops, even > internet-cafe machines and they need a way to do this securely. VPN can > be a liability in this milieu - the opportunity to infect more than just > the employee's mailbox becomes huge when your VPN connection gives you > access to an entire corporate network. By providing intelligent gateways > to specific services that don't give away the entire farm for the price > of an acre, companies may become *more* secure by reducing the use of > VPN access, and building smarter gateways to services. > > Most employees don't need (or want) to be able to connect to most of the > infrastructure, they just want (and need) the services that they use. > Now, there are different ways to attain that goal, Microsoft's method > isn't the only way, it's only the tip of the iceberg.
I have a couple problems with this. 1. For most companies there is a huge amount of sensitive stuff in the things that are going to be exposed (even if it's just e-mail) 2. For most of the things that it makes sense to expose there are good, well-tested protocols available to do allow secure access. However Microsoft has decided not to support those protocols. Letting them invent something new to try and let their existing software tunnel seems wrong. 3. Microsoft doesn't have a good track record when creating new protocols, so I would not want to try and use this until it's been out for a little while and people have had a chance to beat on it. David Lang > - Richard > > > Esther Schindler wrote: >> On Oct 19, 2009, at 3:11 PM, Tom Perrine wrote: >> >>> Depending on the company, it may mean "yet another MS feature that >>> we have to disable". >>> >> >> This alone makes me very glad I asked. <big smile> >> >> Because if YOU folks don't know about this stuff already then for >> damnedsure the average CIO won't know about it. Which means it's great >> fodder for Lisa's article. >> _______________________________________________ >> Discuss mailing list >> Discuss@lopsa.org >> http://lopsa.org/cgi-bin/mailman/listinfo/discuss >> This list provided by the League of Professional System Administrators >> http://lopsa.org/ >> > > _______________________________________________ > Discuss mailing list > Discuss@lopsa.org > http://lopsa.org/cgi-bin/mailman/listinfo/discuss > This list provided by the League of Professional System Administrators > http://lopsa.org/ > _______________________________________________ Discuss mailing list Discuss@lopsa.org http://lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
