Chapter 3 - Communication Security: Remote Access and Messaging

Abstract

With the advent of high-speed Internet, securing remote access technologies has become a greater focus for security professionals. Security professionals are tasked with providing confidentiality, integrity, and availability to information passing over public and private networks. Vendors ship virtual private network (VPN) clients as part of operating systems (OSs) or as free downloads, and even Personal Digital Assistant (PDA) devices enable the use of VPN and Terminal Services software. In terms of network security, there are three methods of passing communications to a centralized network: on-site connection to the local network, remote access, and messaging. Remote Access Servers (RAS), Network Access Servers (NAS), VPNs, authentication servers such as RADIUS, TACACS, and TACACS+, and other technologies have been designed to keep out unauthorized users, but channeling these wirelessly and over open air is a completely different thing. VPNs use secure tunnels to allow remote users to connect to a network. IPSec is “a framework of open standards for ensuring private, secure communications over IP networks, through the use of cryptographic security services.” The 802.1x standard is used for securing the transfer of messages between a user and an access point. Secure Shell consists of both a client and server that use public-key cryptography to provide session encryption. It provides the ability to forward arbitrary ports over an encrypted connection. Security professionals have to find the balance between offering users the ability to work from remote locations and ensuring that the network is protected.