Crypto Security Architecture
Addressing remote network
security solutions…
Current Network
Remote access user connections are not
encrypted
Access to main site from sales department in
England is not encrypted
Proposed Secured Network
All connections to and from the corporate network
should be secured.
We will accomplish this using the open source
VPN software package OpenVPN.
Main Site Changes
Add a physical server in the main office running
OpenVPN in server mode.
Create VPN configuration files for the site-to-site
VPN to the main office and for dial access from
remote users. Generate the secret key.
Configure routing to allow devices in main office
to communicate with remote networks across
VPN.
Sales Office Changes
Install OpenVPN client on Windows 2000 server
in the sales office.
Create a VPN configuration file for the site-to-site
VPN to the main office. Copy the secret key.
Configure routing to allow devices in sales office
to communicate with remote network across VPN.
Remote User Changes
Install OpenVPN client on remote user computer
systems.
Install the configuration file and secret key.
Train users to connect with VPN.
Secured Network
Security Enhancements
All company traffic that travels across public
networks is secured with encryption.
Weaknesses
Distribution of VPN configuration files and secret
keys.
To mitigate this, we will create a web repository to
distribute configuration files and secret keys. The
site will require secure authentication to log in and
access files and keys.
Weaknesses cont.
Loss or theft of secret key.
All systems containing a copy of the secret key
must be password protected and use whole disk
encryption to protect against loss or theft.
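A check that could be run on each copy of the shared secret key before it is published to the repository and after it is installed (an added example, not part of the original slides). The function name, the file name static.key and the SHA-256 fingerprint comparison are assumptions made for illustration; the key file layout is the OpenVPN static key V1 format.

```python
import hashlib
import os
import re
import stat

BEGIN = "-----BEGIN OpenVPN Static key V1-----"
END = "-----END OpenVPN Static key V1-----"
KEY_BYTES = 256  # a 2048-bit static key


def audit_static_key(path, expected_fingerprint=None):
    """Return (fingerprint, findings) for one copy of the shared secret key."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    # POSIX permission bits only; on Windows the file ACL must be checked instead.
    if os.name == "posix" and mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(f"key readable beyond its owner (mode {mode:03o})")
    with open(path, encoding="ascii", errors="replace") as fh:
        lines = [ln.strip() for ln in fh]
    body = [ln for ln in lines if ln and not ln.startswith("#")]
    if len(body) < 2 or body[0] != BEGIN or body[-1] != END:
        findings.append("missing static key BEGIN/END markers")
        return None, findings
    hex_text = "".join(body[1:-1])
    if len(hex_text) != KEY_BYTES * 2 or not re.fullmatch(r"[0-9a-fA-F]+", hex_text):
        findings.append("key body is not 256 bytes of hex")
        return None, findings
    key = bytes.fromhex(hex_text)
    if len(set(key)) < 16:  # crude sanity check, not a randomness test
        findings.append("key material looks non-random")
    fingerprint = hashlib.sha256(key).hexdigest()
    if expected_fingerprint and fingerprint != expected_fingerprint:
        findings.append("fingerprint differs from the main office copy")
    return fingerprint, findings


if __name__ == "__main__":
    import tempfile
    # Constructed sample key (random bytes, not a real deployment key).
    hexkey = os.urandom(KEY_BYTES).hex()
    rows = [hexkey[i:i + 32] for i in range(0, len(hexkey), 32)]
    with tempfile.TemporaryDirectory() as d:
        p = os.path.join(d, "static.key")
        with open(p, "w") as fh:
            fh.write("\n".join(["# constructed sample", BEGIN, *rows, END]) + "\n")
        os.chmod(p, 0o644)  # deliberately too permissive
        print(audit_static_key(p))
```

Comparing fingerprints lets the main office and sales office confirm they hold the same key without sending the key itself a second time.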
Cost Savings
The router in the sales site could be eliminated.
The RAS server in the main site could be
eliminated.