Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Security Advise on Leased Lines Connections

Hi There,

I'd like to take your advise on whether configuring a VPN tunnel between 2 sites connected through leased line is a security best practise or not?

I know that a leased line is a dedicated connection between 2 sites but still it passes through the provider's network so is VPN a good practise in this case?

Regards,

Haitham

2 REPLIES

Re: Security Advise on Leased Lines Connections

yes its good idea to configure the site to site vpn tunnel between it and its also good idea to use IP Sec with tunnel so you can have your data in very secure form...

regards

Devang

Gold

Re: Security Advise on Leased Lines Connections

This depends on how much you trust your provider and the type of data.

Your provider can capture and monitor all your data. In most cases there is nothing that will give them any business advantage by spying on your data. There are agreements in place in most oontracts about disclosure of information. Bad individual employees could do things but then so could employees at your company.

Now for speical data like customer bank data or medical records you are required in many contries to encrypt this data. In best practice it would encrypted by the servers themselves or very close to the servers since this type of data is not meant to be even sent over a local network in the clear. In this type of case you must encrypt the data even on leased lines if it is not already encyrpted.

Depends how parnoid you are. Technically all someone has to do it be able to get access to the wires. I have taps that we place in our t1/e1 circuits when I need to connect a sniffer to the line. I assume if you had bad intentions you could splice one of these to the middle of a wire.

The reason not to do it of course the cost of the equipment to do encryption and the overhead it places on the circuits. You will loose at least 10% or more of your bandwidth depending on how you configure it.

167
Views
9
Helpful
2
Replies
CreatePlease to create content