The Inner Circle

NSA Selecting and Hardening Remote Access VPN Solutions


    Posted 30 days ago
    Hi All,

    NSA just published NSA Selecting and Hardening Remote Access VPN Solutions.

    Virtual Private Networks (VPNs) allow users to remotely connect to a corporate network
    via a secure tunnel. Through this tunnel, users can take advantage of the internal
    services and protections normally offered to on-site users, such as email/collaboration
    tools, sensitive document repositories, and perimeter firewalls and gateways. Because
    remote access VPN servers are entry points into protected networks, they are targets
    for adversaries. This joint NSA-CISA information sheet provides guidance on:

    • Selecting standards-based VPNs from reputable vendors that have a proven
      track record of quickly remediating known vulnerabilities and following best
      practices for using strong authentication credentials.

    • Hardening the VPN against compromise by reducing the VPN server's attack
      surface through:
        • Configuring strong cryptography and authentication
        • Running only strictly necessary features
        • Protecting and monitoring access to and from the VPN


    ------------------------------
    Michael Roza CPA, CISA, CIA, MBA, Exec MBA
    ------------------------------