Professional Documents
Culture Documents
What Is Virtual Private Network
What Is Virtual Private Network
Network Vulnerabilities-
All the perimeter defence mechanisms in the world will not protect your network from an internal user who
either intentionally or inadvertently deletes important corporate data files. Many network administrators
focus solely on external threats to the exclusion of security policies that should mandate network access and
usage rules for internal users. So, all network security initiatives should begin with identifying the critical
network resources with relevant and appropriate user access rights. Thus, security products and protocols
should only be employed to enforce an overall Network Security policy. The key point is that a network
security policy must be applied for both internal and external users.
Types:
Loss Of Privacy
Data Theft
Impersonation
Loss Of Integrity
Remote-Access VPN:
Remote-Access VPNs allow secure access to corporate resources by establishing an encrypted tunnel across
the Internet. The ubiquity of the Internet, combined with today's VPN technologies, allows organizations to
cost-effectively and securely extend the reach of their networks to anyone, anyplace, anytime. These VPNs are
established using pre-installed VPN client software on the user desktop, thus focusing it primarily on company-
managed desktops/laptops. Following are the reasons for this logical connection as below:
Provides secure communications with access rights tailored to individual users, such as employees,
contractors, or partners
Enhances productivity by extending corporate network and applications
Reduces communications costs and increases flexibility
With the latest trend, SSL VPN box is now getting upgrade to Pulse Secure Appliance Series (PSA and MAG).
Below image shows the network appliance for both the Juniper and Pulse.
The following tables shows the new features introduced in PSA appliances and their benefits.
Key features of PSA and benefits over SA series appliances-
Factors Characteristics
Application and SSL (using full network access) and IPsec VPNs offer broad access to
Network Resource virtually any application or network resource
Access
End-User Access SSL VPNs are initiated using a Web browser
Method
IPsec VPNs are initiated using pre-installed VPN client software
IPsec VPNs can automatically update, but is more intrusive and requires
user input
Customized User SSL VPNs offer granular access policies to define what network resources
Access a user has access to, as well as user-customized Web portals
Authentication IPsec uses digital certificates or pre shared secrets for two-way
authentication.
References-
http://www.cisco.com/c/en/us/products/collateral/security/asa-5500-series-next-generation-
firewalls/prod_white_paper0900aecd804fb79a.html