As per the requirements in the organization we work, we need to allow a private virtual network of all to access the files or web services within their PCs. I browsed the internet to acquire the knowledge on the same but was unable to achieve productive results.
Please suggest some software that has the ability to share over two standard protocol units. We require some easiest way to protect our company’s data. We need security at times of incidents like rootkit attacks and zero-day vulnerabilities.
Any help in this regard would be highly appreciated.
Cisco has some fairly good hardware and software for setting up VPN.
Basically, it provides network access. How much you determine with security policy.
I've been working with a system that requires a USB token to get into the VPN and there have been no security breaches. I work at a company that is a fairly high profile target for this.
SEP
Steven E Protter Owner of ISN Corporation http://isnamerica.com http://hpuxconsulting.com Sponsor: http://hpux.ws Twitter: http://twitter.com/hpuxlinux Founder http://newdatacloud.com
There is a lot of useful answers but since you posted in a Linux forum, you should look up FreeSWAN, which is bundled with most, if not all, editions of Linux.
The question is somewhat incorrect however. A VPN is not a direct solution to a rootkit, or a zero-day vulnerability. I'm an unsure what you mean by "two standard protocol units".
I'm not a security person, but some network guys I know who run a large network, recommend Cisco's Easy VPN Server and Client. I've used the client, and itâ s very simple and friendly. They deal with lots of attacks, and their strategy is basically to "close down all ports not in use, along with really good passwords. All servers are behind their firewall, and they only grant remote access to users via the VPN.
If you need VPN-access there's always the built in functionality of RRAS in Windows Server 2008 and a lot of 3rd party products.
If you need to secure your clients you could always use bit locker if you run Windows Vista, combined with a server/domain-isolation with a NAP-solution you could ensure that only approved clients can connect to your servers. Protection against viruses and malware could be provided by any 3rd-party product or Windows Defender / Forefront client security.
Choosing the best method really depends on what kit you've got in place already and your budget too.
If you've got a "good" external firewall, then you should be able to setup PPTP or L2TP VPN tunnels directly to that from the clients. Some firewalls even come with their own software clients that you install on the client PC. Otherwise most OS's will allow you to create VPN's natively.
Will these protect from rootkits and 0-day vulnerabilities? Not really. However, you can back them up with a solid set of security practices, covering things from smallest surface area, least privileges, port and packet filtering to anti-virus and sign agreements / acceptable use documents.
"There are many different vendors who offer VPN solutions and each are different in their implementation but the technology used remains the same. The process is normally quite simple:
1. Each user has a key/tag, this provides authentication.
2. They will have some kind of VPN software to connect to the concentrator.
3. And the VPN concentrator confirms the authentication and act's as the gateway for your VPN connection once authenticated. "
There are number of vendors providing similar offerings. In the recent news, it was mentioned that the version 1.0 of MokaFive's Virtual Desktop Solution is a complete virtual desktop package.
Anybody out there who has hands -on experience with MokaFive?
The discussion simply directs towards something like virtual PCs. Well, there are many Virtual Desktop Solutions that removes the growing complexity of desktop environment, it has become a service offering.
Try the tools, technology and services provided by "Mokafive". Check out:
MokaFive is proving itself. Their unique format for creating virtual machines is called LivePC which updates dynamically, works from anywhere, and starts up in an instant. MokaFive centrally manages the entire lifecycle of users' virtual desktops.
Right Melissa. With MokaFive, you can test new applications without fear of damaging your system. In fact you could plan to expand to new areas as well.
