Network Hardening
Network Layout 4 : VPN (Remote Access Domain) – Virtual Private Networks (VPNs) with VPN software and Secure Socket Layer/VPN (SSL/VPN) tunnels A Virtual Private Network or VPN enables a computer or network-enabled device to send and receive data through shared or public networks as if it were directly connected to the private network, while it’s benefiting from the functionality, security and management policies of the private network. It was created to establish a virtual pint-to-point connection through the using of dedicated connections, virtual tunneling protocols or traffic encryptions.
Three Strategies for hardening the network environment
1 Firewall Friendly VPN
The increase demands of e-business come with a compelling requirement for data security. Virtual Private Network with IP Security Architecture (IPsec VPN) meets this requirement by providing end-to end encryption and authentication at the IPlayer and protecting confidential data that flows over possibly untrustworthy networks. IPsec has the advantage of a wide scope of coverage and agile granularity of protection; however, incompatibilities exist between IPsec VPN and the Network Address Translation (NAT) that firewalls use.
2 Security policy enforcement:
Means of enforcement of security policy should be a primary consideration throughout the research, test and implementation phases of any security technology. Careful research, review of manufacturer’s documentation, questions presented to vendors and manufacturers, and testing of the technology can serve to meet this criteria. Without a method of enforcement, effectiveness of security policy is questionable at best. While audit trails, hardware analysis and security logs should be reviewed regularly; it is a time-intensive process and this alone alerts the administrator to violations and security threats after they have occurred.
Without a means of enforcement, the administrator is risking the security of the VPN by relying upon the remote VPN users to voluntarily comply with policy. As the secure network perimeter is being extended to encompass the VPN client, security policy must be enforced in ‘real-time’ to protect the integrity of both the VPN client and the network.
Having addressed security policy issues that require the VPN client to have antivirus software installed and using the latest update; policy also requires a properly configured personal firewall to be running on the client PC or Laptop, and requires a time limit on inactive VPN sessions. How is this to be made obligatory, and remove the responsibility from the VPN user to voluntarily comply with policy? The answer is as stated above – by defining the need and carefully researching solutions available to fulfill this need. The VPN Concentrator, a managed antivirus package, will fulfill the dictated requirements.
3 Web content filtering:
Filtering incoming and outgoing traffic, using signatures, reputation ratings and other heuristics. Whitelist allowed types of web content, preferably blocking all executable content by default and use a process to enable individual selected access if a business justification exists. • Preferably disallow ActiveX, Java, Flash Player, HTML inline frames and JavaScript except for whitelisted web sites.
• Preferably use a solution that can similarly inspect SSL traffic for malicious content, especially SSL communications with unfamiliar web sites.
• Preferably use technology that automatically opens downloaded files in a sandbox to detect anomalous behavior such as network traffic or changes to the file system or registry.
• Preferably, since this approach is more proactive and thorough than blacklisting a tiny percentage of malicious domains.
• An example implementation is available at http://whitetrash.sourceforge.net
Reference
www.computer.howstuffworks.com/vpn.htm
www.en.wikipedia.org/wiki/Virtual_private_network
www.iprodeveloper.com
www.cisco.com/c/en/us/td/docs
www.cisco.com/web/about/security/intelligence/firewall-best-practices.html
Remember! This is just a sample.
You can get a custom paper by one of our expert writers.
Get your custom essay
Helping students since 2015
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download