ابدأ بالتواصل مع الأشخاص وتبادل معارفك المهنية

أنشئ حسابًا أو سجّل الدخول للانضمام إلى مجتمعك المهني.

متابعة

What is the best method to secure SSL-VPN security appliance?

user-image
تم إضافة السؤال من قبل Anirban Sam , Manager IT Infrastructure/Internet Operations , Riyam Computer Services LLC. (OMZEST Group)
تاريخ النشر: 2013/06/14
Khandakar Ashfaqur Rahman
من قبل Khandakar Ashfaqur Rahman , Head Of Network , Smart Network Ltd

Check the following document sposored by Sonicwall: http://www.itsecuritywarehouse.com/@@content/pub/rtc/file/quickupload/WP_SSLVPN-EGuide_112807.pdf   However, all these mentioned suggestions in this documents should be the best practice for most of the appliances.

Anas Anbtawi
من قبل Anas Anbtawi , IT Solutions Presales Manager , Advice Technologies

The answer to your question has two parts :

First Since SSL VPN works on HTTPS ,you should buy a public certificate for your web authentication page that come from the SSL VPN device  from Public  certfication Authority such as Verisign and Digital Cert , this will insure that the connection between  client and server is not only encrypted via HTTPS but also is verfied by those public authorites .

Second :It's necessary that the users how access the local network via SSL VPN are domain users , this mean that the SSL VPN device has to integrate with the Domain Controller , this can be done via LDAP or Radius authenticaion , but this necessary to make sure that the firewall doesn't have users installed locally on it but in this case the firewall will ask the third party "Which is the domain contoller to give the previllages  of access according to the user himself in addition to the firewall provided security .

 

  please note that having gateway antivirus and IDP  are great to prevent any expected attack or virus that might come from user PC through files sharing or moving 

I believe having those will protect you and will provide a huge level of security 

المزيد من الأسئلة المماثلة