This is a guest post by Puja Mahendru.
VPNs, whether they use PPTP, L2TP, IPSec or SSL technologies, offer a competitive advantage to businesses of all sizes, specifically because of their global coverage and the relative ease with which they can be extended to create extranets. This helps enhance the productivity of a company’s resources through secure connectivity, anywhere and anytime.
Cyberoam is one such integrated security solution. It offers a VPN feature on its UTM appliances, giving the flexibility of PPTP, L2TP, IPSec or SSL VPN technologies, compared to dedicated VPN appliances. The VPNC-certified Cyberoam VPN communicates with most third-party VPNs, making it compatible with existing network infrastructures and providing secure access for remote workers, partners, suppliers and customers.
Why the Need for VPN?
Before we delve any further into VPNs, and especially how they secure organizations, it is important to understand why VPNs are essential to businesses today. Before the Internet, for computer A to talk to computer B located in different offices, cities or even countries, telephone lines (physical wire connections) were used. For security reasons, it was ensured that only two computers used that line, so a vendor was given the contract to “lease” that circuit. However, this network was expensive, not scalable and dependent on the local vendor who provided the service.
With the advent of the Internet, there was no longer a need for physical connections. As long as each computer can reach the Internet, information is shared using a “virtual” network created by the local ISP across the Internet. A VPN works much like a hard-wired network system. It gives the owner the ability to share information with others on their network by means of a private, exclusive link that is created by a method other than hard wires or leased lines, usually via the public Internet.
How Cyberoam UTM provides secure remote access through its VPN
- Cyberoam scans L2TP, PPTP, IPSec and SSL VPN traffic for malware, spam, intrusions and inappropriate content to ensure secure endpoints and a secure network. This ensures that conventional VPN security is not subverted and used against the organization that it ought to serve.
- Cyberoam also subjects VPN traffic to an Intrusion Prevention System (IPS) scan. This feature sanitizes the traffic by detecting and eliminating any threats lurking in it. IPS policies can be customized to take the VPN user’s identity into account. The IPS and firewall combination easily thwarts any attempts to launch a DoS attack over VPN.
- A VPN connection is a door to a LAN, and should only be open to the specific resources that a person’s work requires. Cyberoam’s Granular Access Policy control feature offers exactly that. Companies can provide access to employees only for specific resources, based on their identity and job requirements. This feature is especially helpful in the case of SSL VPN, where the person can remotely access LAN resources even from smart hand-held devices or over insecure networks, with minimal client-side configuration.
- To ensure compliance over VPN, it is crucial to have centralized management that generates comprehensive event reporting, proactive alerts, rapid forensic analyses and complete audit trails. Cyberoam integrates identity-based security reporting, which simplifies administration, helps identify gaps and spot anomalous activity, and facilitates regulatory compliance audits.
Cyberoam VPN offers Threat Free Tunnelling
In a VPN, the same modus operandi that is used to provide security can be used to subvert it. The very design of a VPN ensures that content is secure in transit, but unsecured endpoints can defeat the VPN's security. Unsecured extended LANs and VPN access points can lead to a VPN securely transmitting malware instead of legitimate data.
Cyber criminals have therefore been increasingly subverting VPNs to spread malware. But Cyberoam offers a unique solution through its Layer 8 technology, which enables complete visibility inside the tunnel without disrupting the security of the tunnel. Cyberoam UTM’s Threat Free Tunnelling (TFT) security is driven by the premise that the perimeter or endpoint of any functionally accessible network is inherently insecure. TFT secures the tunnel by establishing an intelligent layer of secure remote access driven by identity-based policy controls, enforced authentication, a gateway firewall, granular access policy, and gateway threat and malware protection, integrating VPN and UTM (Unified Threat Management) functionalities.
About the Author: Puja Mahendru is a member of the internet security team at Cyberoam who writes on varied topics like VPN. She keeps an eye on vulnerable areas on the Internet and suggests how to overcome them. She is of the strong opinion that every organization should invest in SSL VPN to secure its data.