Purchase Solution

VPN Threats to Perimeter Security

Not what you're looking for?

Ask Custom Question

1- Early on we learned how routers and firewalls and IDSs inspect inbound and outbound traffic and how we use those features to our advantage in securing the network. Now, Virtual Private Networks encrypt all traffic and make it impossible to inspect what's coming and going. What can we do to assure that legitimate traffic flows and that malicious traffic is stopped? How can you configure the network to manage VPN and non-VPN traffic?

2- This is the post from other student, I need you response if you agree or disagree and why, give me your own opinion. This post is the opinion from the student from the question #1
Configuring the network to manage the VPN aand non-VPN traffic is straight forward. A VPN system consists of a VPN server located with the corporate infrastructure. The VPN server generally is the router or the firewall directly connected to the public network (Internet). This firewall or Router authenticates users when they connect and if they are allowed access, the server will provide mapping to the users so they have access to the internal network as if they were in the office. The authentication processes is the crucial part of identifying users by checking what they are allowed to do. Actually the remote user is required to have a client application capable of communicating with the VPN server and this application will send all data to the VPN server using encryption. In fact the idea of encryption is to secure the connection between the VPN server and the remote user application rather than allowing the remote user to hide activities from the server. At the corporate level even though the VPN user's connection is encrypted they can still have idea of what exactly the remote user accessed when connected to the system. When VPN traffic is generated, it's usually from legitimate source so there is no need to try to monitor traffic flow and stop malicious traffic. The non-VPN traffic can be managed by allowing users only access within the Intranet without going over the perimeter of the router or the firewall. Access to the Internet by users is always monitored by the firewall (especially the incoming traffic). Therefore whatever malicious traffic that will flow between a non-VPN traffic and the firewall will be stopped.

3- This other post from the student from the question #1, Please response if you agree or disagree and why, please explain your opinion about it.

I also want to add that the VPN communications as the name said is private. This means that the communications must remain private between the server and the client. If for whatever reason a server, router or firewall is allowed to monitor or record this communication the privacy side of the communication is gone. For that reason I don't think there will be soon a tool to monitor the communication in the VPN concept. I might be wrong, but this is my understanding. What do you think guys?

Purchase this Solution
Solution Summary

Solution clearly explains the threats to Perimeter Security using VPN

Solution Preview

======================= START of Answer========================

1.

We will look into what a VPN is:

A virtual private network (VPN) is a private communications network often used by companies or organizations, to communicate confidentially over a public network. VPN traffic can be carried over a public networking infrastructure (e.g. the Internet) on top of standard protocols, or over a service provider's private network with a defined Service Level Agreement (SLA) between the VPN customer and the VPN service provider. A VPN can send data e.g. voice, data or video, or a combination of these media, across secured and encrypted private channels between two points.

Coming to the actual question: configuring the network to manage VPN and non-VPN traffic.

By effectively configuring VPN we can assure that legitimate traffic flows and that malicious traffic is stopped. VPN encrypts the data so malicious traffic can be easily filtered ...

Purchase this Solution
Free BrainMass Quizzes
Word 2010: Tables

Have you never worked with Tables in Word 2010? Maybe it has been a while since you have used a Table in Word and you need to brush up on your skills. Several keywords and popular options are discussed as you go through this quiz.

Javscript Basics

Quiz on basics of javascript programming language.

Basic Computer Terms

We use many basic terms like bit, pixel in our usual conversations about computers. Are we aware of what these mean? This little quiz is an attempt towards discovering that.

Excel Introductory Quiz

This quiz tests your knowledge of basics of MS-Excel.

C# variables and classes

This quiz contains questions about C# classes and variables.

View More Free Quizzes
Related BrainMass Solutions

  • Community Policing

    , property within its perimeter, and exterior and interior building spaces, to include all operational systems and procedures along with the security of a facility. ************* I hope this helps.

  • Network Security Issues for ABC Company

    As the company plans to connect remote site/office location to the headquarters via Virtual private network, new security threats will emerge due to such VPN being used in the organization to enable communication between remote offices.

  • network security

    214583 What will be your plan to enhance your network security? Assume that you are the network security officer of one company, what will be your plan to enhance your network security (firewall? VPN? Content level protection?

  • Internet Security

    Traffic over a VPN is encrypted using algorithms to secure data integrity and privacy. Step 3 DMZ (demilitarized zone) or perimeter networking adds an additional layer of security to the firm's local area network.

  • VPN and LAN interconnection

    Tunneling allows the VPN to use the same hardware infrastructure as the internet but with security mechanisms that allow it to be protected during transmission.

  • Virtulization and VPN

    With respect to security, the concerns fall in two categories—passive and active threats.

  • Workplace Securtiy

    Physical security is the first line of defense against potential threats.

  • Smart Perimeter Mapping

    Therefore, choosing a system is predicated upon the security risk posed by the level of inmates that are incarcerated based on their classification, the experience and training of the prison staff, and any potential security threats from outside the prison

  • Networking

    For even better security, many VPN client programs can be configured to require that all IP traffic must pass through the tunnel while the VPN is active.

View More Related Solutions