By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
You'll need to create a firewall rule allowing inbound access on the firewall protecting the destination environment. You should definitely create a point-to-point rule that limits inbound access to the source IP address of the other tunnel endpoint; regardless, this rule still allows some extra degree of inbound access. When you have the choice of adding complexity to a less sensitive or more sensitive environment, you should opt to add it to the less sensitive environment.
Remember that complexity is the enemy of security: it makes verification of security controls more difficult and increases the likelihood of a configuration error. Adding the inbound rule to the less secure environment increases the complexity of that environment rather than the more secure one.
Related Q&A from Mike Chapple
Web application firewalls may be a way to better security, but organizations need to be aware of the compliance implications of WAFs.continue reading
An SEC report shows over three-quarters of financial institutions were subject to at least one cybersecurity attack. Expert Mike Chapple looks at ...continue reading
The Data Accountability and Trust Act is likely to become a law this year. Expert Mike Chapple advises organizations on how to prepare.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.