Implementing Extranets: The Internet as a Virtual Private Network

The following table summarizes some of the solutions and mechanisms for increasing extranet security. Many of these solutions are undergoing rapid development so the table is neither complete nor final, but it will make you aware of at least some of the solutions available for increasing extranet security.
| Security Solution | Pluses for Extranet Security | Negatives for Extranet Security |
|---|---|---|
| Security Policy Guidelines | Establishes and communicates goals and direction for security | Guidelines will be resisted by creative technical people if they are perceived to be edicts. |
| Security Policy Actions | Establishes and communicates actions to enhance extranet security | Tradeoffs will need to be considered as multiple and somewhat conflicting actions may be required. |
| Authentication with passwords or pass phrases | Most end users are familiar with passwords and pass phrases | It is hard to choose and remember strong passwords or pass phrases. However, password generation programs and renewal programs can help overcome this limitation. |
| Token Cards | Token cards are inexpensive and convenient to use | Although these cards can be lost or loaned, they are effective when combined with other security techniques. |
| Biometric Devices | Sometimes capable of identifying individual end users | Expensive and prone to errors due to tolerance margins. |
| Cryptographic solutions | These are increasingly powerful and effective | Not everyone has the software to implement these and there are legal restrictions on their use. |
| Firewall solutions | These are increasingly powerful and effective | These solutions require detailed knowledge of the network for successful... |