Remote Access VPN (Virtual Private Networks)
Many organizations want remote access into their network. It is not uncommon to have this need. Configuring a secure method for remote users to connect is another topic. Many organizations overlook this critical aspect when allowing remote users to connect into the network. They inadvertently open up a gaping security hole to the outside world, inviting hackers to walk right in. Simply opening a port to the outside world for Remote Desktop or allowing telnet or some other direct access through the firewall is asking for someone to hack you.
VPN’s can be either remote access VPNs (RA VPN)or Lan-to-Lan VPNs (L2L VPN). The difference is that a remote access VPN allows individual users to connect to the corporate network on an as-needed basis. A Lan-to-Lan VPN is almost always connected all the time. These are usually found in remote branches where many users need to share the connection back to the main office.
The best way to allow remote users to connect would be through a secure connection. This is typically done through a Virtual Private Network (VPN). VPN’s come in several “flavors”. A traditional method to use is an IPSec VPN. This does have some limitations, but can be a very effective and secure method for remote access. A more modern method for remote access is an SSL VPN. This method eliminates the limitations of the IPSec VPN, while still providing an effective and secure connection. Either of these VPN methods can be integrated with Active Directory security to allow for a single sign-on.
If there is one way you SHOULD NOT allow remote access, it is to allow direct access to a remote desktop server through the network firewall. This configuration ALWAYS gets hacked! We highly recommend you never configure remote access in this way!
If you provide remote access to your servers or resources without any type of secure connection, you will absolutely get hacked, 100% guaranteed. The good news is that most network firewalls come with the ability to create a VPN connection. This allows you to leverage your existing network infrastructure with little to no financial impact.
Whether you need to provide access to a single user or to an entire location, Southern Networks’ security team can not only design but implement your security needs. Contact us today to learn more about our ThreatBlock Security Services, and how we can help you with your IT security needs.