Mobility And Security Part 1: SSL Based VPN’s

Mobile Security
by hackNY


What do SSL and VPN mean?

SSL (Secure Sockets Layer) is a protocol developed by Netscape to secure data transmission between a client and a server. It was soon adopted by the likes of Microsoft Internet Explorer and other leading web browsers, providing a secure means to transmit data in an encrypted format over the web, most commonly seen with e-commerce sites taking credit card payments for purchases.

A VPN (Virtual Private Network) is a private communications network usually used within a company, or by several companies that need to share information over a public network. VPN traffic is carried over the Internet using standard (often insecure) protocols.

What is the fuss about SSL VPNs?

SSL VPN technology has been around for several years, yet only in the past year has the market literally exploded with low-cost, purpose-built products. The likes of Juniper, Nortel and now even Cisco have developed these low-cost SSL-based VPN solutions for various company types, including SMEs.

SSL VPNs work at the application layer. Unlike IPsec VPNs, they are far less complicated to set up, support and maintain. As they work with most modern web browsers, no software needs to be configured and they are not restricted to a particular computer. Furthermore, as almost all corporate networks globally, including those with strict firewall policies, permit web traffic including the SSL port, SSL VPNs used by mobile workers are almost guaranteed to work in every environment. This is one of the downfalls of the more common IPsec VPN technology, which usually struggles in NAT environments. Another benefit of SSL VPNs is that they give the administrator per-user access control to a strictly specified list of applications.

Summary of Benefits:

1. Lower total cost of ownership

2. Endpoint security within differing environments (e.g. if no antivirus on mobile machine, only enable extranet access)

3. Clientless (web browser SSL VPN access for shared files, applications & extranet resources)

4. On-demand client for full network layer access

5. Helps secure thin client access in the public domain (Citrix, terminal services published on the web)

6. Per-user or per-group application list control
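
How the endpoint check (benefit 2) and the per-group application list (benefit 6) combine into one access decision, as an added example that is not part of the original article or any vendor's product. The group names, application names and the two posture tiers are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass

# Constructed policy data (hypothetical group and application names).
GROUP_APPS = {
    "sales": {"extranet", "crm", "file-share"},
    "engineering": {"extranet", "file-share", "terminal-services"},
}

# Applications reachable at each endpoint posture tier (assumed tiers).
TIER_APPS = {
    "trusted": {"extranet", "crm", "file-share", "terminal-services"},
    "limited": {"extranet"},  # no antivirus: extranet access only
}


@dataclass(frozen=True)
class Endpoint:
    antivirus_running: bool


def posture_tier(endpoint: Endpoint) -> str:
    """Map the endpoint check result to a tier; failing the check limits access."""
    return "trusted" if endpoint.antivirus_running else "limited"


def allowed_apps(groups, endpoint):
    """Intersect group entitlements with what the endpoint's posture permits."""
    entitled = set()
    for group in groups:
        entitled |= GROUP_APPS.get(group, set())  # unknown group grants nothing
    return entitled & TIER_APPS[posture_tier(endpoint)]


def authorize(groups, endpoint, app):
    """Default deny: an application is reachable only if both controls allow it."""
    return app in allowed_apps(groups, endpoint)
```

Because the result is an intersection, a user never gains an application from posture alone, and a compliant machine never widens what the user's groups entitle them to.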

What should I do next?

1. Understand your company’s goals and what you are trying to achieve from your VPN solution

2. Consider what applications and services you intend to provide over your VPN solution and understand the VPN options available to you.

3. Understand the security and service needs of your VPN solution and determine which VPN products provide these

4. Consider whether you should implement extra security safeguards to further protect your VPN solution

SSL-based VPN solutions are now very affordable and they ensure mobile workers can access important company information from almost any device anywhere in the world. They provide simplicity and availability when implemented in a well-planned and thought-out manner, and they help to achieve a trouble-free environment for remotely accessing important data.

SSI’s mobile and security specialists are available to provide mobile and security solutions for companies of all sizes, covering consultancy, planning, implementation, support and user training.


The Challenge – Security vs. Mobility

Mobile Security
by vernieman


The mind-boggling increase in the mobility of the corporate workforce and the availability of wireless internet connections in airports, hotels, and coffee shops creates an unbearable challenge for IT managers. When employees, traveling with their laptops, connect to the hotel hotspot, they are in fact connecting their corporate computers to an unsecured network shared by hundreds of guests. This innocent connection jeopardizes sensitive data and can bring security threats back into the corporate network when the laptop returns to the office. For this reason, IT managers have adopted rigid security policies, creating a conflict between the need for security and the productivity of the mobile workforce. For example, some organizations consider the returning laptops “infected”. The infected laptops are completely formatted and cleaned. Some allow dial-up connections only (no Wi-Fi), while others go further and completely prohibit connecting laptops to the Internet outside the corporate network.

This unbearable conflict between security and mobility can only be solved if the mobile workforce is equipped with the same level of security as they have inside the corporate network. To understand what this means, we should examine the level of security that is maintained inside corporate networks.

Corporate Network – 2 Lines of Defense

Corporate users enjoy higher security levels inside the corporate network because they operate behind two lines of defense. The first line of defense is a set of robust security appliances, installed at the IT center and exclusively controlled by the IT department. It is largely based on a comprehensive set of IT security appliances running a secured and hardened OS, with firewall, IDS, IPS, anti-virus, anti-spyware, anti-spam and content filtering. The second line is based on the personal firewall and anti-virus software installed on end users’ computers.

The first line of defense completely isolates the user at the physical and logical layers. Unlike PCs, these appliances are equipped with hardened operating systems that do not have security holes, “back-doors”, or unprotected layers. They are designed for a single purpose: to provide security.

The first line of defense provides the following advantages:

– Mobile code is not run – content arriving from the Internet is not executed on these appliances; it either passes or does not pass through into the network. This makes them more difficult to attack, as the mobile code delivered by hackers does not run on the appliances.
– Cannot be uninstalled – security attacks often start by targeting the security software, trying to uninstall it or stop its activity. Software-based security solutions, like any software program, include an uninstall option that can be targeted. In contrast, hardware-based security appliances cannot be uninstalled, as they are hard-coded into the hardware.
– Non-writable memory – hardware-based solutions manage memory in a restricted and controlled manner. The security appliances can prohibit access to their memory, providing greater protection against attacks on the security mechanism.
– Controlled by IT personnel – the security appliances are controlled by IT, who continuously maintain the highest security policies and updates.
– Performance – the security appliances are optimized for maximum security and operate independently from the computers in the network, not degrading the performance of the desktops or consuming their resources.

Consequently, corporate PCs reside in a secured environment. If the security is breached, at least the damage stops at the gateway. The first line of defense prevents threats from entering the corporate network, while the second line serves as a precaution and helps defend against threats that may have already entered the network (e.g. emails). But the real problem starts when corporate PCs go in and out of this secured environment. Outside the corporate network they are at the frontline with no first line of defense. The problem intensifies as they return, bypassing the first line of defense as they enter the network. These laptops can be considered the greatest threat because they unknowingly carry security threats into the supposedly safe network.