VPN Security Assessment
Whether it’s for site-to-site, site-to-vendor, or remote-worker access, Virtual Private Networks are critical security services used by almost every organization worldwide, and in most organizations they are how all servers are accessed remotely. Unfortunately, this powerful tool also has the potential to grant attackers full access to these same systems. This is one of the main reasons VPNs are an increasingly popular target for attackers, and also why regular Internet-wide scans for all VPN systems are currently happening. To make matters worse, these devices are frequently deployed in a manner strictly optimized for network availability and not properly deployed for security. Misconfigurations can give vendors or third parties access to large amounts of data they are not authorized to have, or possibly allow attackers direct access to sensitive areas of an organization's network. If applicable, a misconfiguration in this area could also lead to regulatory or compliance failures.
In order to prevent these problems we’ve developed an in-depth assessment methodology that includes a detailed analysis of the following:
- Architectural deployment
- Encryption Analysis
- Key-Exchange Analysis
- Key management
- Key distribution process
- Systems-level security analysis
- BIOS-level security analysis (where applicable)
- Application security analysis (where applicable)
- Protocol utilization analysis, including layer 2 (where applicable)
- Log correlation and log monitoring analysis
- Network and Security Event monitoring appropriateness
- Service account access
- User account access
- Administrative access
- VPN Client configuration analysis (where applicable)
- Vendor VPN implementation (where applicable)
- Comprehensive analysis for vulnerabilities of VPN systems
- IPv6 Analysis
- User grouping analysis
- Firewall rule analysis
- VPN performance analysis
- VPN high-availability/failover analysis (where applicable)
- VPN memory analysis (where applicable)
- VPN disaster recovery & business continuity review
In addition to analyzing the VPN(s) themselves, we will also help explain what to do to remediate each issue we find. We also go beyond the basics and explain useful tricks that most organizations may not have encountered, to help make operating and securing these devices easier.
When considering the value of the assets that your VPN can access, we think an in-depth assessment is well worthwhile. If you’d like to know more, contact us today.