Interview Question

IT Manager Interview

-Campbell, CA

Hightail

Why are point-to-point VPNs not exactly the best way to connect LANs?

Interview Answers

2 Answers

3

The rekey interval is usually 1 or 8 hours, by default. It can be made longer if desired. The biggest downsides I see of VPNs are 1) No firm SLA - VPNs are dependent on the Internet, and thus prone to any performance issues or outages. 2) Limited Scalability - As the network expands or changes, all the tunnels must be manually updated (unless you're running a dynamic routing protocol across them). 3) Limited features - For example, it's impossible to bridge the same subnet across a VPN. 4) Complexity - IPSec has lots of options, and if both sides don't match exactly, the tunnel will have problems. This is a big headache if you don't control the equipment on both sides of the tunnel.

Network Security Engineer on

0

The rekeying that occurs plays havoc with monitoring software.

Anonymous on
