Communiquez avec les autres et partagez vos connaissances professionnelles

Inscrivez-vous ou connectez-vous pour rejoindre votre communauté professionnelle.

Suivre

What is the best method to secure SSL-VPN security appliance?

user-image
Question ajoutée par Anirban Sam , Manager IT Infrastructure/Internet Operations , Riyam Computer Services LLC. (OMZEST Group)
Date de publication: 2013/06/14
Khandakar Ashfaqur Rahman
par Khandakar Ashfaqur Rahman , Head Of Network , Smart Network Ltd

Check the following document sposored by Sonicwall: http://www.itsecuritywarehouse.com/@@content/pub/rtc/file/quickupload/WP_SSLVPN-EGuide_112807.pdf   However, all these mentioned suggestions in this documents should be the best practice for most of the appliances.

Anas Anbtawi
par Anas Anbtawi , IT Solutions Presales Manager , Advice Technologies

The answer to your question has two parts :

First Since SSL VPN works on HTTPS ,you should buy a public certificate for your web authentication page that come from the SSL VPN device  from Public  certfication Authority such as Verisign and Digital Cert , this will insure that the connection between  client and server is not only encrypted via HTTPS but also is verfied by those public authorites .

Second :It's necessary that the users how access the local network via SSL VPN are domain users , this mean that the SSL VPN device has to integrate with the Domain Controller , this can be done via LDAP or Radius authenticaion , but this necessary to make sure that the firewall doesn't have users installed locally on it but in this case the firewall will ask the third party "Which is the domain contoller to give the previllages  of access according to the user himself in addition to the firewall provided security .

 

  please note that having gateway antivirus and IDP  are great to prevent any expected attack or virus that might come from user PC through files sharing or moving 

I believe having those will protect you and will provide a huge level of security 

More Questions Like This