Professional Documents
Culture Documents
Assignment
Assignment
Assignment
G. Logan Gombar
Adopting security standards is one of the easier and better ways to ensure the best
policies are implemented, as well as a high level of interoperability with other systems.
predictability of how to integrate new systems into all the existing architecture. To use a specific
example, implementation of IP Security (IPSec) in the form of a Virtual Private Network (VPN)
can ensure a layer of authentication and data confidentiality across the network. The below
sections will discuss the pros and cons of implementing this standard.
What is IPSec?
When the Internet was initially being created, minimal thought went into security, it was
initially a private network for networking researchers (TCP/IP Guide, n.d.). Because of this, and
the explosive growth of the Internet, the protocols weren’t built with much inherent security,
something that quickly became a very problematic situation. From this need, IPSec was born.
This is a set of defined protocols that can enable confidentiality and authentication services at the
network packet level. The protocols define standards by which encryption and authentication
efforts can be communicated across given, standard formats, enabling large networks that are
secure, confidential, and trusted. A very common implementation of IPSec is through VPN
software, especially common in remote corporate network environments. It enables the desired
confidentiality and authentication that most corporate environments would experience in an on-
premise environment, but with the added benefit of having employees around the globe.
Several standards organizations have adopted this standard. Specifically, the National
Institute of Standards and Technology (NIST), has written a guide on IPSec VPNs. This
document describes the need and demand signal for the suite of protocols, the benefits, and
Security Architecture Development Process 3
examples of implementation with helpful information on specifics (NIST, 2020). This document
outlines a lot of the considerations required for this discussion, including a section on possible
policy documents the organization may need, as well as case studies and alternatives protocols in
A VPN is a very common protocol implemented by many companies around the world. A
major benefit of VPNs is the ability to work remotely while also being confidential (Osborn,
2020), with that advantage reaching multiple levels beyond allowing current employees to work
from home. Furthermore, implementation of a VPN (through the use of IPSec) provides a level
of authentication through the use of pre-shared keys or distributed certificates (Watchdog, n.d.).
By using this level of authentication, network security can be maintained by only allowing
cleared users and systems to access the network. Adoption of this security standard clearly
supports the operations of the entire cybersecurity ecosystem through authentication and
VPNs have many positive and beneficial aspects that can be un. However, there are many
potential problems that can occur with the implementation of this protocol. For example, not
requiring authentication removes a majority of the benefit and confidentiality of the network
(Lewis, 2007). By not requiring any level of authentication, any rogue actor can join the network
and begin interacting with the files and systems. The problems here are quite obvious, given the
baseline assumption of most VPNs being that those on said network are trusted. Another
downside to implementing a VPN for remote access is the need for centralized architecture that
can bottleneck network traffic. This can be load balanced and disaggregated to reduce the
Security Architecture Development Process 4
impact, but these are considerations that need to be looked over when designing the network and
implementing this standard. Furthermore, there is the ever-present consideration that there is a
References
Lewis, M. J. (2007, December 3). Top 10 reasons why IPsec VPNs fail. Network
World. https://www.networkworld.com/article/2349931/top-10-reasons-why-ipsec-vpns-
fail-.html
77r1). https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-77r1.pdf
Osborn, J. (2020, September 21). 7 benefits of using a VPN (Virtual private network). Man of
Many. https://manofmany.com/lifestyle/advice/benefits-of-using-a-vpn-virtual-private-network
standards. https://www.tcpipguide.com/free/t_IPSecOverviewHistoryandStandards.htm
methods. https://www.watchguard.com/help/docs/help-center/en-US/Content/en-
US/Fireware/mvpn/general/mobile_vpn_tunnel_auth_c.html