Tuesday, March 13, 2018

If everything we send out the front door today is encrypted, do we really need vpn tunnels any more?

Had this discussion with a colleague yesterday. While we were setting up an IPSEC VPN, we were musing "how fast would it get hacked if we just sent it out in the clear?"

We came to the conclusion that pretty much everything going across that tunnel is natively encrypted anyway: SSL/TLS, SSH, etc. Even our phone stuff is encrypted (SRTP).

Also that the ISP is probably a pretty secure environment now, and how it would not be easy for someone to just intercept the traffic and SPAN/TAP it and grab all your goodies.

We started to think, are these tunnels even necessary in this age? Why not just eliminate the overhead?

Of course in the end we did our duty, but the genie is out of the bottle now.

Thoughts?



No comments:

Post a Comment