Identify the potential impact to IT security of incorrect configuration of firewall policies

and third- party VPNs

The increasing demand for secure data transmission in an organization leads to a booming
market of virtual private network (VPN) solutions. In addition, the decentralized tendency of
production facilities and the development of the mobile workforce also increase the need for
access to enterprise information resources.

A misconfigured firewall can damage your organization in more ways than you think. Firewalls
are an essential part of your network security, and a misconfigured firewall can damage your
organization and give easy access to an attacker. Here's where to look for the holes. Another
more subtle potential security breach can occur when users randomly change VPN client
parameters, such as the pre-shared key. A virtual private network (VPN) operates pretty much in
binary mode: Either the secure connection is established or it isn't. If the secure connection does
not successfully complete, it is not possible to send traffic to the secured resources. So there is
little room for security breaches.

However, VPN security breaches could still occur in subtle ways. The value is normally not
known to the user, and this will result in the client not being able to establish a VPN connection.
The user will then try to obtain the correct VPN configuration parameter to make the client work
again.

For example: The key value could be observed or overheard during a phone conversation. If the
VPN client includes other security-relevant functions, such as a client firewall, things can get
even more dicey. Changing critical client firewall rules that are meant to protect the access
device can introduce significant vulnerabilities.