Concept of
Remediation Server:
- Remediation is nothing but repair.
- NAC which is abbreviated as Network Access Control will need a
remediation server to repair the infected devices or systems.
- The remediation server is a device whose outlook or posture is
determined to be unhealthy and is sent to be remediated i.e
repaired so that it will meet the necessary compliance rules that
the one have configured for a healthy status.
- In The remediation server one can publish remediation resources
such as the security clients which will scan for vulnerabilities or
attacks and other security risks on devices or systems, patch
files, and also the HTML pages that appear on the devices by
providing options for remediation or limited network access
(LAN).
Concept of
Traffic Separation:
- The Intranet and Internet traffic can be separated for remote
access VPN clients by using technique called Split Tunneling.
- In the Split Tunneling, Internet protocol i.e IP routing table
will be modified so that the traffic to the intranet locations will
be sent over VPN connection and also the traffic to other remote
locations will be sent through the physical interface.
VPN:
VPN is abbreviated as Virtual private network. VPN will provide
online privacy and unknowness by creating private network from the
internet connection which is public. It protects the IP address as
well.
VPN
server:
- VPN server is nothing but a physical server or virtual server.
It is configured to the host. It will deliver the VPN services to
all the users worldwide.
- The VPN server is a union of VPN hardware as well as VPN
software which will allow the VPN client to get connected to a
secure private network.
- A VPN server has more number of logical and physical
communication ports.
VPN
Client:
- VPN client is a nothing but the software based technology which
will establishe a secure or protected connection between the user
and VPN server.
- VPN client is an application which is installed on a
computer.
- Some organizations will provide a purposely built or customized
VPN client which is a hardware device and is pre-installed with VPN
software.
VPN
router:
- The functionality to the VPN is provided by most VPN
routers.
- A VPN router is pre-installed with VPN. VPN router has a
firmware which handles VPN connections. It means that VPN router
will establish a secure or protected connection for the whole site
at the hardware level.
- With a VPN router one can connect all the devices to the VPN
network without having to make any individual software
installations. All the connected devices or computers, smartphones,
tablets, and smart TVs can simultaneously receive the continuous
access to the network.
Secure Sockets
Layer (SSL) VPN:
It is a VPN which will be created by using the SSL protocol inorder
to create secure, protected as well as encrypted connection over a
secure network which will provide very less security such as
Internet.
Difference
between Tunnel mode vpn and split-tunneling
vpn:
Tunnel mode:
- Tunnel mode will encrypt the whole packet. It is used for the
establishment of site-to-site VPN tunnels while securing
communication between the VPN gateway devices.
- Tunnel mode will provide security and privacy for the entire
original IP packet by protecting the headers as well as the
payload.
Split-tunneling vpn:
- Split tunneling is nothing but a concept of computer networking
which will provide access to the user for the unrelated security
domains such as Internet and local access network i.e
LAN or Wide area network i.e WAN at the simultaneous timing by
using the same ormany different network connections.
- This connection state will be usually facilitated through the
simultaneous use of a Local Area Network, Network Interface Card,
Wireless Local Area Network (WLAN) NIC, and VPN client software
application without any benefit of access control.
Precautions
that remote users should take:
1. The files to be shared should be locked and secured.
2. Do not share the files to others who dont have permission from
the other client.
3. Many web browsers will alert the users who will try to visit the
fraudulent websites or download different malicious programs.
So,Pay attention to the warnings and keep the web browser and the
security software up-to-date.
4. Make sure that the information is stored on the secured
systems.
5. Certain instances should be reported to the higher authorities
regardless of whether the personal information is revealed or
not.
6. Dont stay permanently or always signed in to the accounts. One
should Log out immediately when the work is completed.
7. Do not use the same used password on many different websites. It
would give the attacker access to one of the accounts access to
many of the accounts.