GRE without encryption - what are the risks?

S

Sergey2017-07-14 13:03:56

VPN

Sergey, 2017-07-14 13:03:56

We have Mikrotik with a single-core processor at 600 MHz.
It is necessary to raise 60+ VPN tunnels.
For the test, we raised 4 tunnels with IPsec and received an increase in the load of Mikrotik + 30-35% with peaks up to 80% of the processor load.
Hence the options:
* refuse encryption - and then the current router may be enough.
* select another router for our task.
If we refuse encryption - what risks will we get? what threats?
I understand that if someone deliberately wants to harm, he can do it, but how easy is it?
And what are the risks of "accidental" threats? activity of any botnets and other automated malware.
PS. if I wrote something clumsily - I ask you not to fill in the comments and ask a question or clarify how it is right.

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

P

poisons, 2017-07-14
@poisons

So decide whether you need encryption or not. If encryption is not used, then your traffic can be easily viewed by the provider together with comrades from department K.
If necessary, please go to the nearest store for hex r3 - they promise to stuff 400+ Mbps into ipsec.
At the same time, it is also worth mentioning that if you do not encrypt the tunnel itself, then the data inside the tunnel may already be encrypted, as in the https example.