Receiving final approval II. Wrap up

Posted: October 17th, 2013

I. Receiving final approval II. Wrap up

Name:

Lecturer:

Institution:

Course:

Date:

I. Receiving final approval II. Wrap up

VPN Solution Implementation

The best practices to be implemented in the VPN solution will ensure that it becomes a fundamental part of the information security center. Among the practices that I intend to implement is the CPE based IP VPN approach that is suitable for encrypting and decrypting data at the premise of the customer. This practice will help ensure a high protection level across the complete WAN. Consequently, one is endowed with the ability of sending data through the internet with the assurance that the information would not be decrypted if it were intercepted. This ability will make the CPE practice an ideal solution for internet-connected sites through different ISP’s (Avdoshin, S., & Serdiouk, 2002).

It is prudent to understand that this practice in the VPN has threats and exploits involved. A properly implemented CPE based approach prevents common attacks such as interception, replay among others. Exploits will lead to failure of the firewall. This applies on the premise that the VPN is software that is prone to errors and flaws in programming (Lian, S., Kanellopoulos, D., & Ruffo, 2009). Ultimately, the VPN is a human written code. In either an appliance firewall or host firewall, the controlling and logic mechanisms are designed and written by people. This factor creates a high probability for mistakes or possible oversights.

The proper technology to implement as a means of avoiding the threats and exploits should include an up to date threat management program. This program can help ensure a cost effective means of protection. Among the means of protection offered by a proper threat management program include virus protection, authentification of remote access, intrusion prevention, and policy and configuration vaulting (Avdoshin, S., & Serdiouk, 2002). A good threat management program should be capable of residing at the control network edge to regulate data from mission critical systems, block intrusion and virus attempts, and offer authorized external users secure connections.

Future Considerations

Considering future trends in network security threats, malicious attacks are under increased evolution and as well as the intensity of their damage. With limited time for reaction, your organization has to be more proactive in terms of security. Relying on reactive security will soon not be effective. Current trends have overseen a rise in network security threats by thirty per cent. This trend can be attributed to the dynamic nature of the threats. Hackers rarely waste their resources and time to create small projects. Rather, they are working to cause devastating threats.

In accordance with a report done by IBM, current trends dictate that Tuesday is the most vulnerable day followed by Friday, Thursday, and Monday. This report predicted that threats would be created mostly to gain access followed by data manipulation, obtaining information, file manipulation, and bypassing security (Matwyshyn, 2010). Considering the above threat trends, technologies to mitigate these threats are also under evolution. One evolution involves the developing programs capable of simultaneous functions in back up software, antivirus applications and, firewalls. These programs function well together rather than in isolation. Other forms of evolution in this technology involve applications that carry out real time comprehensive checks on the networks.

Indeed, “GRC” will contribute to by helping organizations implement risk based network security that is in tune with their business requirements. Security professionals have been dealt with problems on what best security controls to use. “GRC” aims to gauge the effectiveness of the available options and recommend the most suitable.

Reference

Avdoshin, S., & Serdiouk, V. (2002). Some approaches to information security of communication networks. Informatica, 26, 1, 1-10.

Lian, S., Kanellopoulos, D., & Ruffo, G. (2009). Recent advances in multimedia information security. Informatica, 33, 1, 3-24.

Matwyshyn, A. M. (2010). Data devolution: Corporate information security, consumers and the future of regulation.

Trček, D. (2000). Security policy management networked information systems. Noms 2000, 817-830.