• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Virtual Private Networks

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Windows

View previous topic :: View next topic  
Author Message
Jackson David
Just Arrived
Just Arrived


Joined: 01 May 2008
Posts: 0


Offline

PostPosted: Wed May 07, 2008 8:36 am    Post subject: Virtual Private Networks Reply with quote

As per the requirements in the organization we work, we need to allow a private virtual network of all to access the files or web services within their PCs. I browsed the internet to acquire the knowledge on the same but was unable to achieve productive results.

Please suggest some software that has the ability to share over two standard protocol units. We require some easiest way to protect our company’s data. We need security at times of incidents like rootkit attacks and zero-day vulnerabilities.

Any help in this regard would be highly appreciated.

Thanks,
J.David
Back to top
View user's profile Send private message
rchoetzlein
Just Arrived
Just Arrived


Joined: 07 May 2008
Posts: 0


Offline

PostPosted: Wed May 07, 2008 2:24 pm    Post subject: 2nd hand info Reply with quote

I'm not a security person, but some network guys I know who run a large network recommend Cisco's Easy VPN Server and Client. I've used the client, and its very simple and friendly. They deal with lots of attacks, and their strategy is basically to "close down all ports not in use", including switching common ports for services to non-typical #s, along with really good passwords. All servers are behind their firewall, and they only grant remote access to users via the VPN.
Back to top
View user's profile Send private message MSN Messenger
graycat
SF Mod
SF Mod


Joined: 29 Apr 2005
Posts: 16777195
Location: London, UK

Offline

PostPosted: Wed May 07, 2008 3:12 pm    Post subject: Reply with quote

Choosing the best method really depends on what kit you've got in place already and your budget as most VPN technology is pretty much along the same lines.

If you've got a "good" external firewall then you should be able to setup PPTP or L2TP VPN tunnels directly to that from the clients. Some firewalls even come with their own software clients that you install on the client PC. Otherwise most OS's will allow you to create VPN's natively.

Personally we run a mixture of software controlled VPN clients as well as windows created PPTP VPN's to different office(s).

will these protect from rootkits and 0-day vulnerabilities? not really, no. However if you back them up with a solid set of security practices covering things from smallest surface area, least privileges, port and packet filtering to anti-virus and sign agreements / acceptable use documents
Back to top
View user's profile Send private message Visit poster's website MSN Messenger
Mckenna Melissa
Just Arrived
Just Arrived


Joined: 07 May 2008
Posts: 0


Offline

PostPosted: Thu May 08, 2008 8:40 am    Post subject: Virtual Private Networks Reply with quote

The question is somewhat unclear.

If you need VPN-access there's always the built in functionality of RRAS in Windows Server 2008 and a lot of 3rd party products.

If you need to secure your clients you could always use bit locker if you run Windows Vista, combined with a server/domain-isolation with a NAP-solution you could ensure that only approved clients can connect to your servers. Protection against viruses and malware could be provided by any 3rd-party product or Windows Defender / Forefront client security.
Back to top
View user's profile Send private message
Jayden Kissko
Just Arrived
Just Arrived


Joined: 08 May 2008
Posts: 0


Offline

PostPosted: Fri May 09, 2008 1:26 pm    Post subject: Virtual Private Networks Reply with quote

I think the problem is something like a Virtual PC?
Have you heard about the technology called Desktop Virtualization? Numbers of software vendors are rolling out desktop-virtualization offerings. They simply manage entire lifecycle of virtual desktops making it easy to create, update, and control the virtual desktop. You can look forward depending upon the requirements at your organization.
Back to top
View user's profile Send private message
ChadAmberg
Just Arrived
Just Arrived


Joined: 25 Jan 2008
Posts: 0
Location: Colorado Springs

Offline

PostPosted: Fri May 09, 2008 4:07 pm    Post subject: Reply with quote

I've helped set up a few networks like this. Several servers running as many virtual PCs as they can handle accessible via RDP, and then typically an SSH server running as the gateway while using WiSSH (http://wissh.com) as the client product. Using WiSSH it can run on a USB stick and there are never any OS level changes like you get with VPN.
Back to top
View user's profile Send private message
ThePsyko
SF Mod
SF Mod


Joined: 17 Oct 2002
Posts: 16777178
Location: California

Offline

PostPosted: Fri May 09, 2008 8:40 pm    Post subject: Reply with quote

Just to give you a completely different direction to go in, at my last company we used a third party VPN provider - Positive Networks to handle our VPNs. I liked them for several reasons.. For starters, they handle all first line support issues from your users. That right there was worth the cost for me Smile They also handle all the tunnel connectivity. They set up the tunnel to your firewall and monitor the connections 24/7. (The users actually connect to PNs server via SSL connection, and are then funneled over to your network) Oftentimes they would tell me about a problem before my users even noticed. But the best part was they have a HUGE variety of configuration options available that could be set at the enterprise level, group level, and user level. Some of those options included requiring up to date AV/Spyware software and firewall protection. You could even keep your users from connecting if they don't have all of the Windows critical updates installed.

Although they didn't provide root-kit scanning, they seem to have just about everything else you're looking for.

(and no, I don't work for them lol)
Back to top
View user's profile Send private message Send e-mail
Mckenna Melissa
Just Arrived
Just Arrived


Joined: 07 May 2008
Posts: 0


Offline

PostPosted: Tue May 13, 2008 8:33 am    Post subject: Virtual Private Networks Reply with quote

I have heard about the technology called “Predictive Fetching” that helps virtual computers start faster and update quickly. This technology is even cost effective and tune faster with existing configurations. Which means you’ll be able to decrease user downtime and increase user satisfaction.
Back to top
View user's profile Send private message
Jackson David
Just Arrived
Just Arrived


Joined: 01 May 2008
Posts: 0


Offline

PostPosted: Fri May 16, 2008 7:35 am    Post subject: Virtual Private Networks Reply with quote

I have received so many replies through mail too but none of them helped out fully.

The security that we need against the incidents is the big issue to consider. Could this be solved too?
Back to top
View user's profile Send private message
PhiBer
SF Mod
SF Mod


Joined: 11 Mar 2003
Posts: 20
Location: Your MBR

Offline

PostPosted: Fri May 16, 2008 5:41 pm    Post subject: Reply with quote

You have two issues here: you need a VPN connection to allow access into your internal LAN and you need a solution that will help you prevent against rootkit attacks and zero-day vulnerabilities.

My suggestion is that you separate these two issues as they are two distinct problems. Rootkit detection/prevention is a whole other ballgame. Zero-day exploit prevention will require adequate defense-in-depth strategies.

NAP/NAC can help make sure machines are up to date and patched before connecting to your VPN but unfortunately, targeted rootkit attacks will go under the radar with most AV implementations. What you need to understand is "risk management." How much risk are you willing to take?
Back to top
View user's profile Send private message
Jayden Kissko
Just Arrived
Just Arrived


Joined: 08 May 2008
Posts: 0


Offline

PostPosted: Thu May 22, 2008 1:44 pm    Post subject: Reply with quote

There are many different vendors who offer VPN solutions and each are different in their implementation but the technology used remains the same. They eliminate the time-consuming and security-threatening hassles of IT management, thereby increasing user productivity and flexibility.
The process is normally quiet simple: -

1. Each user has a key/tag, this provides authentication.

2. They will have some kind of VPN software to connect to the concentrator.

3. And the VPN concentrator confirms the authentication and act's as the gateway for your VPN connection once authenticated.
Back to top
View user's profile Send private message
augmedia
Just Arrived
Just Arrived


Joined: 27 May 2008
Posts: 0


Offline

PostPosted: Tue May 27, 2008 5:27 pm    Post subject: Reply with quote

i haven't read all of this post....but try Hamachi. it's quick, easy and small.
Back to top
View user's profile Send private message
Jayden Kissko
Just Arrived
Just Arrived


Joined: 08 May 2008
Posts: 0


Offline

PostPosted: Fri Jun 27, 2008 10:48 am    Post subject: Reply with quote

I use vmware with virtualcenter it is great; we have over 150 virtual desktops. There are others but it depends on the platform you are using.
Back to top
View user's profile Send private message
bradcamry
Link Spammer
Link Spammer


Joined: 18 May 2011
Posts: 0


Offline

PostPosted: Wed May 18, 2011 5:53 am    Post subject: Reply with quote

A VPN is a private network that uses a public network to connect remote sites or users together. I does not know about any software but I will find it.
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Windows All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Looking for more Windows Networking info?

Sign up to the WindowsNetworking.com Monthly Newsletter, written by Enterprise Security MVP Deb Shinder, containing news, the hottest tips, Networking links of the month and much more. Subscribe today and don't miss a thing!
View a sample newsletter.

Become a WindowsNetworking.com member!

Discuss your Windows Networking issues with thousands of other Windows Newtorking experts. Click here to join!

Community Area

Log in | Register

Readers' Choice

Which is your preferred data recovery solution?

Follow TechGenix on Twitter