topic Re: Virtual Private Networks in Operating System - Linux

Virtual Private Networks

Jayden Kissko — Thu, 08 May 2008 05:33:25 GMT

As per the requirements in the organization we work, we need to allow a private virtual network of all to access the files or web services within their PCs. I browsed the internet to acquire the knowledge on the same but was unable to achieve productive results.

Please suggest some software that has the ability to share over two standard protocol units. We require some easiest way to protect our company’s data. We need security at times of incidents like rootkit attacks and zero-day vulnerabilities.

Any help in this regard would be highly appreciated.

Thanks,
J.Kissko

Re: Virtual Private Networks

Steven E. Protter — Thu, 08 May 2008 09:02:11 GMT

Shalom,

Cisco has some fairly good hardware and software for setting up VPN.

Basically, it provides network access. How much you determine with security policy.

I've been working with a system that requires a USB token to get into the VPN and there have been no security breaches. I work at a company that is a fairly high profile target for this.

SEP

Re: Virtual Private Networks

Joshua Small_2 — Thu, 08 May 2008 09:05:46 GMT

There is a lot of useful answers but since you posted in a Linux forum, you should look up FreeSWAN, which is bundled with most, if not all, editions of Linux.

The question is somewhat incorrect however. A VPN is not a direct solution to a rootkit, or a zero-day vulnerability. I'm an unsure what you mean by "two standard protocol units".

Re: Virtual Private Networks

Jayden Kissko — Tue, 13 May 2008 05:42:13 GMT

I'm not a security person, but some network guys I know who run a large network, recommend Cisco's Easy VPN Server and Client. I've used the client, and itâ s very simple and friendly. They deal with lots of attacks, and their strategy is basically to "close down all ports not in use, along with really good passwords. All servers are behind their firewall, and they only grant remote access to users via the VPN.

Re: Virtual Private Networks

Mckenna Melissa — Fri, 16 May 2008 04:47:05 GMT

If you need VPN-access there's always the built in functionality of RRAS in Windows Server 2008 and a lot of 3rd party products.

If you need to secure your clients you could always use bit locker if you run Windows Vista, combined with a server/domain-isolation with a NAP-solution you could ensure that only approved clients can connect to your servers. Protection against viruses and malware could be provided by any 3rd-party product or Windows Defender / Forefront client security.

Re: Virtual Private Networks

Gladwyn Glen — Tue, 20 May 2008 10:25:56 GMT

Choosing the best method really depends on what kit you've got in place already and your budget too.

If you've got a "good" external firewall, then you should be able to setup PPTP or L2TP VPN tunnels directly to that from the clients. Some firewalls even come with their own software clients that you install on the client PC. Otherwise most OS's will allow you to create VPN's natively.

Will these protect from rootkits and 0-day vulnerabilities? Not really. However, you can back them up with a solid set of security practices, covering things from smallest surface area, least privileges, port and packet filtering to anti-virus and sign agreements / acceptable use documents.

Re: Virtual Private Networks

Mckenna Melissa — Fri, 23 May 2008 09:40:53 GMT

"There are many different vendors who offer VPN solutions and each are different in their implementation but the technology used remains the same. The process is normally quite simple:

1. Each user has a key/tag, this provides authentication.

2. They will have some kind of VPN software to connect to the concentrator.

3. And the VPN concentrator confirms the authentication and act's as the gateway for your VPN connection once authenticated.
"

Re: Virtual Private Networks

Jayden Kissko — Wed, 28 May 2008 09:46:48 GMT

There are number of vendors providing similar offerings. In the recent news, it was mentioned that the version 1.0 of MokaFive's Virtual Desktop Solution is a complete virtual desktop package.

Anybody out there who has hands -on experience with MokaFive?

Re: Virtual Private Networks

Semi Martin — Tue, 03 Jun 2008 10:57:28 GMT

The discussion simply directs towards something like virtual PCs. Well, there are many Virtual Desktop Solutions that removes the growing complexity of desktop environment, it has become a service offering.

Try the tools, technology and services provided by "Mokafive". Check out:

http://www.mokafive.com/

Re: Virtual Private Networks

Mckenna Melissa — Fri, 06 Jun 2008 09:19:59 GMT

MokaFive is proving itself. Their unique format for creating virtual machines is called LivePC which updates dynamically, works from anywhere, and starts up in an instant. MokaFive centrally manages the entire lifecycle of users' virtual desktops.

Re: Virtual Private Networks

Gladwyn Glen — Mon, 16 Jun 2008 11:22:46 GMT

Right Melissa. With MokaFive, you can test new applications without fear of damaging your system. In fact you could plan to expand to new areas as well.