Slashdot Mirror

← Back to Stories (view on slashdot.org)

Securing Android For the Enterprise

Posted by Soulskill on from the lcars-cream-sandwich dept.

Orome1 writes "While many companies use IPsec for secure remote access to their networks, no integrated IPsec VPN client is available on Android. Apple has already fixed this shortcoming in iOS, in part, because it wanted make the iPhone attractive for businesses. The Android operating system doesn't just lack an integrated IPsec VPN client, it also makes installing and configuring third-party VPN software quite complicated. IPsec VPN clients have to be integrated into the kernel of each device, and the client software has to be installed specifically for a memory area. This means that the firmware of each Android smartphone or tablet has to be modified accordingly. Until a 'real' IPsec VPN client is available, Android users can use their devices' integrated VPN clients based on PPTP or L2TP, which is deployed over IPsec. A 'real' IPsec VPN connection, however, is more secure because it encrypts data prior to authentication."

2 of 136 comments (clear)

  1. Stupid article is stupid by GNUALMAFUERTE · · Score: 1, Troll

    SSH is all you'll ever fucking need. You can do anything you need over SSH, including a true VPN or just VPN-like functionality. And it's as secure as it gets.

    I manage all of my servers from my android devices, and have done so for a long time. What the hell is this guy complaining about?

    Regarding the guy talking about the remote wipe ... well, that's a stupid concept. A lost/stolen phone usually doesn't have network access, and even if you do it as a deads man switch, it's not really secure. Just encrypt whatever important data you have on your device, or even better, just keep it in the cloud and access it from anywhere. All you have to do is wipe your cache regularly.

    --
    WTF am I doing replying to an AC at 5 A.M on a Friday night?
  2. Re:article is out of date - Android 4.0 ICS update by Anonymous Coward · · Score: 0, Troll

    Ahhh wonderfully modded up bullshit on slashdot. Screw the iPhone but come on, PIX OS 7 was End of Life in 2008, and you are complaining that you want to run an OLDER version? Most PIX devices from 2000-2002 will run PIX OS 8... go out and buy a NEW one? Seriously, are you running a 501 or older? Do you have 2 remote employees or ISDN links to your office? 501s push 3mbps of IPSEC traffic. Anything newer (51x and up) supports PIX OS 8 at least.

    Network admins are generally the worst of all the $80k sysadmin sludge out there, they pretend as if being resistant to change makes them good at their jobs. Won't it be fun smugly asking employees if their phone runs 'Ice Cream Sandwich' before letting them know if they can be reimbursed or not.