The ubiquity of the Internet, combined with VPN technologies, allows you to cost-effectively and securely extend the reach of your network.
Remote-access virtual private networks (VPNs) allow secure access to corporate resources by establishing an encrypted tunnel across the Internet. VPNs have become the logical solution for remote-access connectivity for the following reasons. They:
Anytime, anyplace network access gives employees great flexibility regarding when and where they perform their job functions. VPNs accommodate day extenders, or employees who desire network access from home after hours and weekends to perform business functions such as answering e-mail or using networked applications. Using VPN technology, employees can essentially take their offices wherever they go, improving response times and enabling work without interruptions present in an office environment.
VPNs also provide a secure solution for providing limited network access to non-employees, such as contractors or business partners. With VPNs, contractor and partner network access can be limited to the specific servers, web pages, or files they are allowed access to, thus extending them the network access they need to contribute to business productivity without compromising network security.
There are two primary methods for deploying remote-access VPNs: IP Security (IPsec) and Secure Sockets Layer (SSL). While many solutions offer either IPsec or SSL, Cisco remote-access VPN solutions offer both technologies integrated on a single platform with unified management. Offering both IPsec and SSL technologies enables organizations to customize their remote-access VPN according to their deployment and operating environment needs without any additional hardware or management complexity.
By offering both technologies on a single platform, Cisco remote-access VPN solutions make the choice simple: deploy the technology that is optimized for your deployment and operating environment.
Worms, viruses, spyware, hacking, data theft, and application abuse are considered among the greatest security challenges in today's networks. Remote-access and remote-office VPN connectivity are common points of entry for such threats, due to how VPNs are designed and deployed. Unprotected or incomplete VPN security may allow the following:
To combat these threats, the user desktop and the VPN gateway to which the user connects must be properly secured as follows:
Technologies required for mitigating malware such as worms, viruses, and spyware and for preventing application abuse, data theft, and hacking exist in the security infrastructure of many organizations' networks. In most cases, due to the native encryption of VPN traffic, they are not deployed in such a way that protects the remote-access VPN.
Although you can purchase and install additional security equipment to protect your VPN, the most cost-effective and operationally efficient method of securing remote-access is to look for VPN gateways that offer native malware mitigation and application firewall services as an integrated part of the product.