What is Network Remote Access?
It is sometimes useful to be able to connect to a private or enterprise network from a physically distant place. This is where network remote access comes into the picture; an individual is permitted to access the contents of a network from a remote location, after they have been authenticated.
This setup is most commonly used in business situations where a certain percentage of the workforce operates outside the office. Remote access enables them to use resources that are present on the office network, like documentation or literature in the case of salespeople.
However, the downside to remote access is that if an enterprise allows external connections to its private network, there is a great deal of potential for security threats to arise.
Security Threats of Remote Access
Remote access exposes a network to a vast number of threats. The primary problem arises when another network is allowed to access the private network; this is a necessary component of remote access, so it cannot be removed altogether.
When an individual uses remote access to connect to the network, the individual might be a trusted party to the network; however, the secondary network may not be. The connection between the two is only allowed because a transitive relationship is created: the enterprise trusts the individual, and the individual trusts the secondary network. Therefore the enterprise sanctions the connection.
This connection can bring on a host of problems, including malware like Trojans, worms and viruses. Additionally, the machine used for remote access is outside the tight physical security usually enforced within organizational premises. Therefore if the machine were stolen, chances are high that the network would be compromised as well.
Another potential threat is an unsecured connection. Data transferred back and forth could be unencrypted, and therefore easily read by a port listener.
VPN: Virtual Private Networks
Virtual Private Networks originally came about as a network solution for large enterprises distributed over a large geographical area. A VPN uses an existing network, like the Internet for example, as a foundation upon which it builds a secure private network. VPNs came about as an economically viable alternative to leasing proprietary communication lines.
VPNs are secure because the data that is sent to and fro across the network is always encrypted at source and decrypted at the destination. In fact, the source and destination data is also encrypted.
The data is then sent through a network tunnel, using a tunnelling protocol. These protocols ensure that no unencrypted data passes through the virtual tunnel.
VPNs are designed to combat the security vulnerabilities caused by remote access.
Intrusion Prevention System
An intrusion prevention system is exactly what the name implies; it is a system that analyses all incoming data packets for suspicious material before it can cause harm. If malicious data is detected, the system will remove all the packets of that particular data stream and allow only harmless data to pass through.
Intrusion prevention is considered a corollary to intrusion detection systems, except that it aims to detect potential security vulnerabilities before they are misused. The protection then becomes real-time, which is a significant advantage over other security systems.
There is a downside to these systems: they rarely have the ability to analyse encrypted data. Therefore they may not work optimally with a VPN. However, this consideration is largely dependent on the individual application.
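The following added example (not part of the original article) models the signature check and whole-stream drop described above, and runs it over the same constructed traffic in plaintext, inside a tunnel, and after the tunnel endpoint has decrypted it. The marker string, key, packets and the toy SHA-256 keystream cipher are all assumptions made for the demonstration; a real VPN uses a vetted cipher.

```python
import hashlib

# Constructed marker standing in for a malware signature; not a real indicator.
SIGNATURES = [b"CONSTRUCTED-MALWARE-MARKER"]
KEY = b"constructed-demo-key"  # assumption: key shared by the two VPN endpoints

# Constructed sample traffic: (stream_id, payload)
SAMPLE_PACKETS = [
    (1, b"GET /docs/price-list.pdf"),
    (2, b"POST /upload chunk=1"),
    (2, b"chunk=2 CONSTRUCTED-MALWARE-MARKER payload"),
    (1, b"GET /docs/manual.pdf"),
]

def toy_cipher(key, nonce, data):
    """XOR data with a SHA-256 counter keystream. Toy stand-in for a VPN's
    real cipher; applying it twice with the same key and nonce decrypts."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def tunnel(packets, key):
    """Encrypt (or, applied again, decrypt) every payload, one nonce per packet."""
    return [(sid, toy_cipher(key, i.to_bytes(8, "big"), p))
            for i, (sid, p) in enumerate(packets)]

def ips_inspect(packets):
    """Signature check as described above: if any packet of a stream matches,
    every packet of that stream is dropped. Returns (forwarded, dropped_ids)."""
    dropped = {sid for sid, p in packets if any(s in p for s in SIGNATURES)}
    return [(sid, p) for sid, p in packets if sid not in dropped], dropped

if __name__ == "__main__":
    for label, traffic in [
        ("plaintext", SAMPLE_PACKETS),
        ("inside VPN tunnel", tunnel(SAMPLE_PACKETS, KEY)),
        ("after tunnel endpoint decrypts", tunnel(tunnel(SAMPLE_PACKETS, KEY), KEY)),
    ]:
        forwarded, dropped = ips_inspect(traffic)
        print(f"{label}: forwarded={len(forwarded)} dropped_streams={sorted(dropped)}")
```

The inspector drops stream 2 only when it sees plaintext, which is why where the inspection point sits relative to the tunnel endpoint matters for a given deployment.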