Is a GET VPN Safe?
In case you haven’t heard of GET (Group Encrypted Transport) VPN it’s a newer method of virtual private networking (VPN) that can replace IPSEC mesh VPNs and be laid over an MPLS VPN for added security. What’s so cool about a GET VPN is that you don’t have to configure the network device at each location in the VPN to connect to other sites statically. All that is needed is to have each box register with centralized Key Servers to get policies about the other sites and what network services can run between them. Once the sites start exchanging data it is not encapsulated in a tunnel yet still encrypted and secure. One of the other nice features is that you can run things like dynamic routing protocols and multicast easily which is sort of hairy using other VPN techniques.
It’s come to light recently that there may be some security concerns with GET VPN. Don’t get me wrong, I don’t think this is a show stopper, but definitely some good things to consider to be sure these short comings wouldn’t be harmful in an implementation. I’ll let Jan Bervar from NIL take it from here: As Good as it GETs?
Recent Comments