Question

Explain the concept of a Remediation Server and traffic separation as it relates to remote access.

What is a VPN? Distinguish between VPN server, VPN client, VPN router, and Secure Sockets Layer (SSL) VPNs.

What is the difference between a tunnel-mode VPN and a split-tunneling VPN?

According to the Remote Access Policy STIG, what personally owned devices are considered acceptable to perform privileged (administrative) tasks on a DoD network?

When connected to a public network or shared public Internet access point, what are some precautions that remote users should take to ensure confidentiality of communications?

Answer 1

Concept of Remediation Server:

• Remediation is nothing but repair.
• NAC which is abbreviated as Network Access Control will need a remediation server to repair the infected devices or systems.
• The remediation server is a device whose outlook or posture is determined to be unhealthy and is sent to be remediated i.e repaired so that it will meet the necessary compliance rules that the one have configured for a healthy status.
• In The remediation server one can publish remediation resources such as the security clients which will scan for vulnerabilities or attacks and other security risks on devices or systems, patch files, and also the HTML pages that appear on the devices by providing options for remediation or limited network access (LAN).

Concept of Traffic Separation:

• The Intranet and Internet traffic can be separated for remote access VPN clients by using technique called Split Tunneling.
• In the Split Tunneling, Internet protocol i.e IP routing table will be modified so that the traffic to the intranet locations will be sent over VPN connection and also the traffic to other remote locations will be sent through the physical interface.

VPN:
VPN is abbreviated as Virtual private network. VPN will provide online privacy and unknowness by creating private network from the internet connection which is public. It protects the IP address as well.

VPN server:

• VPN server is nothing but a physical server or virtual server. It is configured to the host. It will deliver the VPN services to all the users worldwide.
• The VPN server is a union of VPN hardware as well as VPN software which will allow the VPN client to get connected to a secure private network.
• A VPN server has more number of logical and physical communication ports.

VPN Client:

• VPN client is a nothing but the software based technology which will establishe a secure or protected connection between the user and VPN server.
• VPN client is an application which is installed on a computer.
• Some organizations will provide a purposely built or customized VPN client which is a hardware device and is pre-installed with VPN software.

VPN router:

• The functionality to the VPN is provided by most VPN routers.
• A VPN router is pre-installed with VPN. VPN router has a firmware which handles VPN connections. It means that VPN router will establish a secure or protected connection for the whole site at the hardware level.
• With a VPN router one can connect all the devices to the VPN network without having to make any individual software installations. All the connected devices or computers, smartphones, tablets, and smart TVs can simultaneously receive the continuous access to the network.

Secure Sockets Layer (SSL) VPN:
It is a VPN which will be created by using the SSL protocol inorder to create secure, protected as well as encrypted connection over a secure network which will provide very less security such as Internet.

Difference between Tunnel mode vpn and split-tunneling vpn:
Tunnel mode:

• Tunnel mode will encrypt the whole packet. It is used for the establishment of site-to-site VPN tunnels while securing communication between the VPN gateway devices.
• Tunnel mode will provide security and privacy for the entire original IP packet by protecting the headers as well as the payload.

Split-tunneling vpn:

• Split tunneling is nothing but a concept of computer networking which will provide access to the user for the unrelated security domains such as   Internet and local access network i.e LAN or Wide area network i.e WAN at the simultaneous timing by using the same ormany different network connections.
• This connection state will be usually facilitated through the simultaneous use of a Local Area Network, Network Interface Card, Wireless Local Area Network (WLAN) NIC, and VPN client software application without any benefit of access control.

Precautions that remote users should take:
1. The files to be shared should be locked and secured.
2. Do not share the files to others who dont have permission from the other client.
3. Many web browsers will alert the users who will try to visit the fraudulent websites or download different malicious programs. So,Pay attention to the warnings and keep the web browser and the security software up-to-date.
4. Make sure that the information is stored on the secured systems.
5. Certain instances should be reported to the higher authorities regardless of whether the personal information is revealed or not.
6. Dont stay permanently or always signed in to the accounts. One should Log out immediately when the work is completed.
7. Do not use the same used password on many different websites. It would give the attacker access to one of the accounts access to many of the accounts.