A customer is proposing giving remote access to FactoryPMI by forwarding all traffic on the relevant port to the FactoryPMI server. This then puts all the security responsibility onto FactoryPMI. I need to be sure that this doesn’t become a back door onto his network.
I’m just back from a seminar outlining the use of IPSec-based VPNs. This approach was nice because it stopped unauthorised traffic before it got onto the network. How does using SSL to access FactoryPMI compare in terms of security? If we implemented an IPSec-based VPN, am I correct in thinking there would then be no reason to enable SSL for FactoryPMI?