SlideShare a Scribd company logo

Another proposal

King Portipher
King Portipher
1 of 3
Download to read offline
VPN SECURITY CONCERNS AND POLICY ENFORCEMENT ABSTRACT VPN (Virtual Private Network) provides a way of protecting information being transmitted over the internet, by allowing users to establish a virtual private “tunnel” to securely enter an internal network, accessing resources, data and communication via an insecure network such as the internet. VPNs carry sensitive information over an insecure network.The users generally trust the VPN to keep the information secure, which is understandable because that is what the VPN is designed to do. Because of this trust, the users will transfer sensitive data without using additional encryption, and use protocols that transmit authentication credentials in the clear. This project provides a general overview of VPN and core VPN technologies. We discuss the potential security risks as well as the security considerations that need to be taken into account when implementing a virtual private network. We will do documents review and take core research activities about some of the attacks and security policies that need to be enforced regarding to VPN implementation. BACKGROUND Remote Access VPNs often allow full access to the internal network. Many organizations configure their remote access VPNs to allow full access to the internal network for VPN users. This means that if the VPN is compromised, then the attacker gets full access to the internal network too. Also upon some research which was taken in the context of this project, we found out that, VPN traffic is often invisible to IDS(Intrusion Detection System) monitoring.If the IDS probe is outside the VPN server, as is often the case, then the IDS cannot see the traffic within the VPN tunnel because it is encrypted. Therefore if a hacker gains access to the VPN, he can attack the internal systems without being picked up by the IDS We discuss the potential security risks as well as the security considerations that need to be taken into account when implementing a virtual private network. 1
PROBLEM STATEMENT VPNs are Attractive Targets VPNs are Attractive Targets in the sense that once VPN is established, it allows full access to the internal network. Many companies and organizations configure their VPNs to allow full access to the internal network for VPN users. Therefore if the VPN is compromised, then the attacker gets full access to the internal network and its resources. There are lots of security flaws in the VPN, but here is the case where people build much trust in the VPN technology without considering these security flaws. OBJECTIVES  To expose the security vulnerabilities associated in deploying a virtual private network  Security considerations to take when implementing VPN’s.  To enforce security policies on VPN implementation. JUSTIFICATION VPN provides secured connection for remote areas and devices, therefore it is vital for every student of interest to investigate and explore to get the understanding of the concept. By accomplishing the set up objectives of this project, it will contribute to the needs of the community in the context of establishing connections to their organizations in remote areas. Much knowledge on security in this context will be acquired as we dive deep into the security flaws and the security policy enforcement in VPN implementation and usage. SCOPE Virtual private network provide users with good and secured services. In this project, we emphasize on the security threat vulnerabilities in VPN and proceed by providing security measures that needs to be taken when implementing VPN in an organization. This project accentuate the security aspect of VPN, thus it covers only the security flaws and security policy enforcement in VPNs. 2
METHODOLOGY Relevant information needed to get the project done will be obtained through investigations, documents review, research analysis and use of diagram representations. SCHEDULE The project is intended to achieve the setup objectives which are: exposing the security flaws in VPNs and the security measures needed to be taken in VPN implementation. The project is scheduled to start when approved by the Head of Department (Computer Science Department). REFERENCES R. Hills, “NTA Monitor UDP Backoff Pattern Fingerprinting White Paper”, http://www.nta-monitor .com/ike-scan/whitepaper .pdf, January 2003. R. Hills, “Firewall-1 Vendor ID Fingerprinting”, http://www.nta- monitor .com/news/checkpoint2004/index.htm,May 2004. 3

Recommended

Network Security Projects
Network Security ProjectsNetwork Security Projects
Network Security ProjectsPhdtopiccom
 
Network Security Certification
Network Security CertificationNetwork Security Certification
Network Security CertificationVskills
 
Network and internet security
Network and internet securityNetwork and internet security
Network and internet securityKaviya452563
 
Network Security
Network SecurityNetwork Security
Network SecurityTechknow Book
 
Topics in network security
Topics in network securityTopics in network security
Topics in network securityNasir Bhutta
 
DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting Shah Sheikh
 
Network security
Network securityNetwork security
Network securityEstiak Khan
 
Network Security
Network SecurityNetwork Security
Network SecuritySanthoshKumar2759
 

Recommended

Network Security Projects
Network Security ProjectsNetwork Security Projects
Network Security ProjectsPhdtopiccom
 
Network Security Certification
Network Security CertificationNetwork Security Certification
Network Security CertificationVskills
 
Network and internet security
Network and internet securityNetwork and internet security
Network and internet securityKaviya452563
 
Network Security
Network SecurityNetwork Security
Network SecurityTechknow Book
 
Topics in network security
Topics in network securityTopics in network security
Topics in network securityNasir Bhutta
 
DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting Shah Sheikh
 
Network security
Network securityNetwork security
Network securityEstiak Khan
 
Network Security
Network SecurityNetwork Security
Network SecuritySanthoshKumar2759
 
Data Security in Local Area Network Using Distributed Firewall
Data Security in Local Area Network Using Distributed FirewallData Security in Local Area Network Using Distributed Firewall
Data Security in Local Area Network Using Distributed FirewallManish Kumar
 
Supply Chain Attack Backdooring Your Networks
Supply Chain Attack Backdooring Your Networks Supply Chain Attack Backdooring Your Networks
Supply Chain Attack Backdooring Your Networks Bangladesh Network Operators Group
 
The Post Covid-19 Cybersecurity World - Where Is It Headed?
The Post Covid-19 Cybersecurity World - Where Is It Headed?The Post Covid-19 Cybersecurity World - Where Is It Headed?
The Post Covid-19 Cybersecurity World - Where Is It Headed?Bangladesh Network Operators Group
 
Wifi Security
Wifi SecurityWifi Security
Wifi SecurityAgris Ameriks
 
Top 10 Cyber Security Tips for SMEs
Top 10 Cyber Security Tips for SMEsTop 10 Cyber Security Tips for SMEs
Top 10 Cyber Security Tips for SMEsDarraghCommsec
 
Wireless Network Security
Wireless Network SecurityWireless Network Security
Wireless Network SecurityGyana Ranjana
 
Security & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case StudySecurity & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case StudyMohammad Mahmud Kabir
 
Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsAnthony Daniel
 
IOT Security
IOT SecurityIOT Security
IOT SecuritySylvain Martinez
 
Network Security and Firewall
Network Security and FirewallNetwork Security and Firewall
Network Security and FirewallShafeeqaFarsana
 
An in depth understanding in the application of the zero-trust security model...
An in depth understanding in the application of the zero-trust security model...An in depth understanding in the application of the zero-trust security model...
An in depth understanding in the application of the zero-trust security model...Max Justice
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security ArchitectureBharathiKrishna6
 
Blug Talk
Blug TalkBlug Talk
Blug Talkguestb9d7f98
 
Network Security ppt
Network Security pptNetwork Security ppt
Network Security pptSAIKAT BISWAS
 
160415 lan and-wan-ctap
160415 lan and-wan-ctap160415 lan and-wan-ctap
160415 lan and-wan-ctapLan & Wan Solutions
 
Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall美兰 曾
 
Pervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkPervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkCisco Security
 
Network security
Network securityNetwork security
Network securitySri Manakula Vinayagar Engineering College
 
Wireless Networking
Wireless NetworkingWireless Networking
Wireless NetworkingGulshanAra14
 
Network Access Control as a Network Security Solution
Network Access Control as a Network Security SolutionNetwork Access Control as a Network Security Solution
Network Access Control as a Network Security SolutionConor Ryan
 
Virtual private network feature and benefits
Virtual private network feature and benefitsVirtual private network feature and benefits
Virtual private network feature and benefitsAnthony Daniel
 
Vpn alternative whitepaper
Vpn alternative whitepaperVpn alternative whitepaper
Vpn alternative whitepaperCristian Garcia G.
 

More Related Content

What's hot

Data Security in Local Area Network Using Distributed Firewall
Data Security in Local Area Network Using Distributed FirewallData Security in Local Area Network Using Distributed Firewall
Data Security in Local Area Network Using Distributed FirewallManish Kumar
 
Top 10 Cyber Security Tips for SMEs
Top 10 Cyber Security Tips for SMEsTop 10 Cyber Security Tips for SMEs
Top 10 Cyber Security Tips for SMEsDarraghCommsec
 
Wireless Network Security
Wireless Network SecurityWireless Network Security
Wireless Network SecurityGyana Ranjana
 
Security & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case StudySecurity & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case StudyMohammad Mahmud Kabir
 
Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsAnthony Daniel
 
Network Security and Firewall
Network Security and FirewallNetwork Security and Firewall
Network Security and FirewallShafeeqaFarsana
 
An in depth understanding in the application of the zero-trust security model...
An in depth understanding in the application of the zero-trust security model...An in depth understanding in the application of the zero-trust security model...
An in depth understanding in the application of the zero-trust security model...Max Justice
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security ArchitectureBharathiKrishna6
 
Network Security ppt
Network Security pptNetwork Security ppt
Network Security pptSAIKAT BISWAS
 
Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall美兰 曾
 
Pervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkPervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkCisco Security
 
Wireless Networking
Wireless NetworkingWireless Networking
Wireless NetworkingGulshanAra14
 
Network Access Control as a Network Security Solution
Network Access Control as a Network Security SolutionNetwork Access Control as a Network Security Solution
Network Access Control as a Network Security SolutionConor Ryan
 

What's hot (20)

Data Security in Local Area Network Using Distributed Firewall
Data Security in Local Area Network Using Distributed FirewallData Security in Local Area Network Using Distributed Firewall
Data Security in Local Area Network Using Distributed Firewall
 
Supply Chain Attack Backdooring Your Networks
Supply Chain Attack Backdooring Your Networks Supply Chain Attack Backdooring Your Networks
Supply Chain Attack Backdooring Your Networks
 
The Post Covid-19 Cybersecurity World - Where Is It Headed?
The Post Covid-19 Cybersecurity World - Where Is It Headed?The Post Covid-19 Cybersecurity World - Where Is It Headed?
The Post Covid-19 Cybersecurity World - Where Is It Headed?
 
Wifi Security
Wifi SecurityWifi Security
Wifi Security
 
Top 10 Cyber Security Tips for SMEs
Top 10 Cyber Security Tips for SMEsTop 10 Cyber Security Tips for SMEs
Top 10 Cyber Security Tips for SMEs
 
Wireless Network Security
Wireless Network SecurityWireless Network Security
Wireless Network Security
 
Security & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case StudySecurity & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case Study
 
Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefits
 
IOT Security
IOT SecurityIOT Security
IOT Security
 
Network Security and Firewall
Network Security and FirewallNetwork Security and Firewall
Network Security and Firewall
 
An in depth understanding in the application of the zero-trust security model...
An in depth understanding in the application of the zero-trust security model...An in depth understanding in the application of the zero-trust security model...
An in depth understanding in the application of the zero-trust security model...
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security Architecture
 
Blug Talk
Blug TalkBlug Talk
Blug Talk
 
Network Security ppt
Network Security pptNetwork Security ppt
Network Security ppt
 
160415 lan and-wan-ctap
160415 lan and-wan-ctap160415 lan and-wan-ctap
160415 lan and-wan-ctap
 
Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall
 
Pervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkPervasive Security Across Your Extended Network
Pervasive Security Across Your Extended Network
 
Network security
Network securityNetwork security
Network security
 
Wireless Networking
Wireless NetworkingWireless Networking
Wireless Networking
 
Network Access Control as a Network Security Solution
Network Access Control as a Network Security SolutionNetwork Access Control as a Network Security Solution
Network Access Control as a Network Security Solution
 

Similar to Another proposal

Virtual private network feature and benefits
Virtual private network feature and benefitsVirtual private network feature and benefits
Virtual private network feature and benefitsAnthony Daniel
 
my presentation on vpn
my presentation on vpnmy presentation on vpn
my presentation on vpnjadeja dhanraj
 
The Virtual Private Network
The Virtual Private NetworkThe Virtual Private Network
The Virtual Private NetworkAbhinav Dwivedi
 
IRJET- A Survey of Working on Virtual Private Networks
IRJET- A Survey of Working on Virtual Private NetworksIRJET- A Survey of Working on Virtual Private Networks
IRJET- A Survey of Working on Virtual Private NetworksIRJET Journal
 
Implementing vpn using direct access technology
Implementing vpn using direct access technologyImplementing vpn using direct access technology
Implementing vpn using direct access technologyferasfarag
 
Lan Virtual Networks
Lan Virtual NetworksLan Virtual Networks
Lan Virtual NetworksNicole Gomez
 
Virtual Private Network
Virtual Private NetworkVirtual Private Network
Virtual Private Networkadeelahmed0345
 
VPN Types, Vulnerabilities & Solutions - Tareq Hanaysha
VPN Types, Vulnerabilities & Solutions - Tareq HanayshaVPN Types, Vulnerabilities & Solutions - Tareq Hanaysha
VPN Types, Vulnerabilities & Solutions - Tareq HanayshaHanaysha
 
A depth detail about vpn security
A depth detail about vpn securityA depth detail about vpn security
A depth detail about vpn securityEric Fedewa
 
Virtual private network
Virtual private networkVirtual private network
Virtual private networkMohak Kaushik
 
Virtual private network
Virtual private networkVirtual private network
Virtual private networkAyano Midakso
 

Similar to Another proposal (20)

Virtual private network feature and benefits
Virtual private network feature and benefitsVirtual private network feature and benefits
Virtual private network feature and benefits
 
Vpn alternative whitepaper
Vpn alternative whitepaperVpn alternative whitepaper
Vpn alternative whitepaper
 
Allaboutvpn
AllaboutvpnAllaboutvpn
Allaboutvpn
 
my presentation on vpn
my presentation on vpnmy presentation on vpn
my presentation on vpn
 
All About VPN
All About VPNAll About VPN
All About VPN
 
The vpn
The vpnThe vpn
The vpn
 
The Virtual Private Network
The Virtual Private NetworkThe Virtual Private Network
The Virtual Private Network
 
IRJET- A Survey of Working on Virtual Private Networks
IRJET- A Survey of Working on Virtual Private NetworksIRJET- A Survey of Working on Virtual Private Networks
IRJET- A Survey of Working on Virtual Private Networks
 
Implementing vpn using direct access technology
Implementing vpn using direct access technologyImplementing vpn using direct access technology
Implementing vpn using direct access technology
 
Lan Virtual Networks
Lan Virtual NetworksLan Virtual Networks
Lan Virtual Networks
 
Virtual Private Network
Virtual Private NetworkVirtual Private Network
Virtual Private Network
 
Ch11 Vpn
Ch11 VpnCh11 Vpn
Ch11 Vpn
 
VPN Types, Vulnerabilities & Solutions - Tareq Hanaysha
VPN Types, Vulnerabilities & Solutions - Tareq HanayshaVPN Types, Vulnerabilities & Solutions - Tareq Hanaysha
VPN Types, Vulnerabilities & Solutions - Tareq Hanaysha
 
Vpn
VpnVpn
Vpn
 
It Infrastructure Management PPT Centurion University of Technology And Manag...
It Infrastructure Management PPT Centurion University of Technology And Manag...It Infrastructure Management PPT Centurion University of Technology And Manag...
It Infrastructure Management PPT Centurion University of Technology And Manag...
 
A depth detail about vpn security
A depth detail about vpn securityA depth detail about vpn security
A depth detail about vpn security
 
Vpn rsvp
Vpn rsvpVpn rsvp
Vpn rsvp
 
Virtual private network
Virtual private networkVirtual private network
Virtual private network
 
VPN In Details
VPN In DetailsVPN In Details
VPN In Details
 
Virtual private network
Virtual private networkVirtual private network
Virtual private network
 

Another proposal

  • 1. VPN SECURITY CONCERNS AND POLICY ENFORCEMENT ABSTRACT VPN (Virtual Private Network) provides a way of protecting information being transmitted over the internet, by allowing users to establish a virtual private “tunnel” to securely enter an internal network, accessing resources, data and communication via an insecure network such as the internet. VPNs carry sensitive information over an insecure network.The users generally trust the VPN to keep the information secure, which is understandable because that is what the VPN is designed to do. Because of this trust, the users will transfer sensitive data without using additional encryption, and use protocols that transmit authentication credentials in the clear. This project provides a general overview of VPN and core VPN technologies. We discuss the potential security risks as well as the security considerations that need to be taken into account when implementing a virtual private network. We will do documents review and take core research activities about some of the attacks and security policies that need to be enforced regarding to VPN implementation. BACKGROUND Remote Access VPNs often allow full access to the internal network. Many organizations configure their remote access VPNs to allow full access to the internal network for VPN users. This means that if the VPN is compromised, then the attacker gets full access to the internal network too. Also upon some research which was taken in the context of this project, we found out that, VPN traffic is often invisible to IDS(Intrusion Detection System) monitoring.If the IDS probe is outside the VPN server, as is often the case, then the IDS cannot see the traffic within the VPN tunnel because it is encrypted. Therefore if a hacker gains access to the VPN, he can attack the internal systems without being picked up by the IDS We discuss the potential security risks as well as the security considerations that need to be taken into account when implementing a virtual private network. 1
  • 2. PROBLEM STATEMENT VPNs are Attractive Targets VPNs are Attractive Targets in the sense that once VPN is established, it allows full access to the internal network. Many companies and organizations configure their VPNs to allow full access to the internal network for VPN users. Therefore if the VPN is compromised, then the attacker gets full access to the internal network and its resources. There are lots of security flaws in the VPN, but here is the case where people build much trust in the VPN technology without considering these security flaws. OBJECTIVES  To expose the security vulnerabilities associated in deploying a virtual private network  Security considerations to take when implementing VPN’s.  To enforce security policies on VPN implementation. JUSTIFICATION VPN provides secured connection for remote areas and devices, therefore it is vital for every student of interest to investigate and explore to get the understanding of the concept. By accomplishing the set up objectives of this project, it will contribute to the needs of the community in the context of establishing connections to their organizations in remote areas. Much knowledge on security in this context will be acquired as we dive deep into the security flaws and the security policy enforcement in VPN implementation and usage. SCOPE Virtual private network provide users with good and secured services. In this project, we emphasize on the security threat vulnerabilities in VPN and proceed by providing security measures that needs to be taken when implementing VPN in an organization. This project accentuate the security aspect of VPN, thus it covers only the security flaws and security policy enforcement in VPNs. 2
  • 3. METHODOLOGY Relevant information needed to get the project done will be obtained through investigations, documents review, research analysis and use of diagram representations. SCHEDULE The project is intended to achieve the setup objectives which are: exposing the security flaws in VPNs and the security measures needed to be taken in VPN implementation. The project is scheduled to start when approved by the Head of Department (Computer Science Department). REFERENCES R. Hills, “NTA Monitor UDP Backoff Pattern Fingerprinting White Paper”, http://www.nta-monitor .com/ike-scan/whitepaper .pdf, January 2003. R. Hills, “Firewall-1 Vendor ID Fingerprinting”, http://www.nta- monitor .com/news/checkpoint2004/index.htm,May 2004. 3