I see some big company using firefox version 45.x.x to connect to their vpn, is there any concern of doing this? [closed]

Question

why not just use usual vpn tools? like outline or openvpn or any else, is there any security concern? and of course that's an old version of firefox, why not use another browser with latest version? or maybe firefox with latest version

Answer 1

The answer lies probably in some kind of security policies in that company.

Maybe their VPN gateway is running an obsolete version of VPN server? Maybe, for the users' UX they're using Java Applet based VPN clients? New browsers don't allow running Java Applets (NPAPI in Firefox was abandoned in 2018).

Why not using other VPN solutions: maybe the cost of implementation (including trainings, auditing, etc) is too high, and the company has mitigated risks in some other ways (for example with strict Internet traffic filtering, allow-lists, Intrusion Detection Systems, etc.)? Maybe there are regulatory limitations, such as FIPS requirement for a VPN solution, which can't be met with popular VPN solutions?

If employees of that company can connect to the Internet without any restrictions (web sites' allow-list) the risk of introducing malware into company LANs is very high while using such outdated browsers. In big companies, such risks are mitigated with additional security controls.

To sum it up: I recommend getting knowledge with that company's internal security policies to get the whole picture.