Importance of VPN in Organizations
Added on 2022/12/15
AI Summary
This report highlights the importance of VPN in organizations and discusses various types of VPN and their role in securing websites and protecting sensitive information. It also covers countermeasures to mitigate VPN attacks. VPN should be a high priority for every organization to ensure security.
Running head: VPN
VPN
Name of the Student:
Name of the University:
Author Note:
Executive Summary:
The purpose of this report is to show the importance of VPN in every
organization. The report describes the various types of VPN and their importance in
daily business operations. It mainly focuses on VPN and the possible
countermeasures to mitigate VPN attacks in an organization. Lastly, the report concludes
that the security of VPN should be a high priority for every organization.
Table of Contents
Introduction
Authentication and Access Control
Confidentiality and Integrity
Anti-Replay
Conclusion
References
Introduction:
A VPN is a type of software that creates an encrypted and safe connection
over a less secure network, for example the public internet. A VPN operates over
shared public infrastructure while keeping traffic private through tunnelling protocols
and security procedures. Tunnelling protocols encrypt all data at the
sending side and decrypt it at the receiving side. A contemporary organization should
implement a VPN for several reasons: it saves costs, increases
productivity, is affordable for any type of organization,
increases network scalability and plays an important role in the security of the
organization. The two forms of VPN, SSL/VPN and IPsec/VPN, differ in several respects.
On security, the comparison favours SSL/VPN, and SSL-based VPNs
are always better at bypassing firewalls on the network. On speed and reliability, both
types are relatively fast, but IKEv2/IPsec is comparatively faster than SSL-based VPN.
SSL/VPN has advantages over IPsec/VPN because IPsec/VPN is administratively costly
and does not support granular access security. The report briefly describes
authentication and access control, confidentiality and integrity, and anti-replay.
Authentication and Access Control:
The authentication process of SSL and TLS: To authenticate the server, the client uses
the server’s public key to encrypt the data that is used to compute the secret key [1]. The server
can produce the secret key only if it decrypts that data with the right private key [2]. To
authenticate the client, the server uses the public key in the client certificate to
decrypt the data that the client sends during the handshake process [3]. When
messages encrypted with the secret key are exchanged, it confirms that the
authentication process is finished. If any one of the authentications fails, the handshake
fails and the session terminates [4].
Figure 1: Open the chrome window
(Source: [5])
Figure 2: select the red labelled button
(Source: [5])
Figure 3: select more tools
(Source: [5])
Figure 4: select security or >>
(Source: [5])
Figure 5: click on view certificate
(Source: [5])
The working principle of digital signature:
The working principle of the digital signature is as follows [6]:
• Put the signature: When the “sign” button is clicked, a unique fingerprint of the
document, known as a hash, is created. The hash is then encrypted with the private
key of the signer, and the digitally signed document is ready to
distribute.
• Verify the signature: When the document is opened in a digital-signature-capable
program, the program uses the signer’s key to decrypt the hash and then computes a
new hash for the file.
Figure 6: open chrome and click on settings
(Source: [7])
Figure 7: click Show advanced settings and then click manage certificates
(Source: [7])
Figure 8: click import
(Source: [7])
Figure 9: click next
(Source: [7])
Figure 10: browse the document then click next
(Source: [7])
Figure 10: enter password then click next
(Source: [7])
Figure 11: click next
(Source: [7])
Figure 12: click next then finish
(Source: [7])
Figure 13: click ok
(Source: [7])
Analysing the method of determining the right client by the server:
When a client visits a website, the server analyses and checks the client through the client/server
architecture, a computing model in which the server hosts, controls and delivers
most of the resources that are consumed by the client side [8]. This model involves
more than one client computer connected to a central server over an internet
connection or in a network. The server component provides a service to the many clients
that initiate requests, such as requests for web pages, a web server or a file server, whether the
computer is a client or a server. Client software can communicate with the server software at
the same time.
Centralised Access control of SSL/VPN:
A feature of SSL/VPN products is that they provide centralised access control for
different organizational resources. If centralized SSL is not applied to the resources, then
access to each resource has to be handled separately [9]. Centralized access
control streamlines operations. It also covers
centralized monitoring and auditing, which is important because sensitive
data such as personal information, financial records and other relevant information is involved.
Network Access Control of SSL/VPN:
Network Access Control lets administrators control logins to the
SSL/VPN depending on a number of parameters such as operating system, anti-virus software
and so on. When a user does not fill the required fields, he or she is blocked from logging in [10].
The options available in NAC are: Start Access Control, Start checking of Agent, Log on from any
IP address, Browser, OS, hot fixes of Windows, Security, Flash Version.
Confidentiality and Integrity:
Method of achieving the confidentiality and integrity by SSL:
Message privacy is ensured by the mixture of symmetric and asymmetric
encryption used by SSL and TLS. During the handshake, the SSL server settles on an
encryption algorithm and a shared secret key that are used for a single
session only. The messages transmitted in the SSL or TLS session are encrypted using that
algorithm and key. When transporting the shared key, SSL and TLS use
asymmetric encryption, so the key is distributed properly. SSL and TLS provide data
integrity by calculating a message digest. They ensure data integrity provided
that the CipherSpec uses a hash algorithm.
Role of Hash algorithms and symmetric encryption:
Hash algorithms are a building block of modern cryptography. A hash algorithm converts
data of large, arbitrary size into a small, fixed-size value. The output of the algorithm is known as the hash
value. It operates in a one-way manner, which means that the input cannot be computed from the
output. The basic functions of the hash algorithm are as follows [11]:
• Generate and verify digital signatures
• Resource integrity services such as MAC
• Derive sub-keys in key establishment agreements
• Generate pseudorandom numbers
Symmetric encryption uses one key to encrypt and decrypt information.
The key is shared between the sender and receiver. In symmetric encryption two types of
algorithms are used: block ciphers and stream ciphers. A block cipher encrypts a fixed number of bits
of a message as one unit (a block), and a stream cipher encrypts bytes one at a
time. In this type of encryption 64 bits are generally generated. It is faster than any other
algorithm.
e ECC, RSA, etc.
The options in VPN client software:
It is a type of software that ensures VPN client connectivity with the VPN server. It is
implemented in the VPN server and allows authentication, access and so
on.
The VPN client software mainly connects the VPN
client and the VPN server, and it provides security-related services to the system.
VPN client OS support:
SoftEther clients support the Microsoft Windows platform. The software supports operating systems
with an NT-type kernel, Windows 2000 or later, and can also be used as a VPN client
installed on Windows 98 Second Edition (SE) and ME (Millennium Edition). The following
architecture or a higher specification is needed: x86
Anti-Replay:
In this type of attack, attackers intercept and resend network packets, which is
extremely harmful and can cause serious damage to the network system. This
kind of attack is prevented by the right method of encryption [12]. Encrypted information carries keys with
it, which are decoded at the end of the transmission. Some of the countermeasures
that should be taken to mitigate the replay attack are:
• Both the sender and receiver should establish a session key, which is basically a code
that is valid for only one transaction and cannot be reused.
• Use timestamps on all messages, which prevents hackers from resending
information that was sent long ago.
• Another method to mitigate the attack is to use a password for every transaction that
is used only once.
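The three countermeasures above combined in one receiver-side check, as an added example that is not part of the original report: a per-session key authenticates each message, a timestamp bounds its age, and a one-time random value (a nonce, standing in for the one-time password) is accepted only once. The packet layout, the 30-second window and the names `seal` and `ReplayGuard` are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import struct
import time
from typing import Optional, Tuple

# Constructed packet layout (an assumption for this example, not a VPN wire format):
#   8-byte big-endian timestamp | 16-byte one-time nonce | payload | 32-byte HMAC tag
TS_LEN, NONCE_LEN, TAG_LEN = 8, 16, 32
MAX_SKEW_SECONDS = 30  # assumed freshness window; sized to tolerate clock drift


def seal(session_key: bytes, payload: bytes, now: Optional[float] = None) -> bytes:
    """Sender side: add a timestamp and a fresh nonce, then MAC with the session key."""
    ts = int(time.time() if now is None else now)
    body = struct.pack(">Q", ts) + secrets.token_bytes(NONCE_LEN) + payload
    return body + hmac.new(session_key, body, hashlib.sha256).digest()


class ReplayGuard:
    """Receiver-side state for one session (hypothetical helper, not a real VPN API)."""

    def __init__(self, session_key: bytes, max_skew: int = MAX_SKEW_SECONDS):
        self._key = session_key
        self._max_skew = max_skew
        self._seen = {}  # nonce -> timestamp, kept only while still inside the window

    def accept(self, packet: bytes, now: Optional[float] = None) -> Tuple[bool, str]:
        if len(packet) < TS_LEN + NONCE_LEN + TAG_LEN:
            return False, "malformed"
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]

        # 1. Session key: verify the MAC first, in constant time, so that
        #    unauthenticated packets never touch the nonce cache.
        expected = hmac.new(self._key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return False, "bad-mac"

        (ts,) = struct.unpack(">Q", body[:TS_LEN])
        nonce = body[TS_LEN:TS_LEN + NONCE_LEN]
        now = time.time() if now is None else now

        # 2. Timestamp: reject anything outside the freshness window.
        if abs(now - ts) > self._max_skew:
            return False, "stale"

        # Entries older than the window can be forgotten: a replay of them
        # would already fail the timestamp check above.
        self._seen = {n: t for n, t in self._seen.items()
                      if now - t <= self._max_skew}

        # 3. One-time value: a nonce is accepted exactly once.
        if nonce in self._seen:
            return False, "replay"
        self._seen[nonce] = ts
        return True, "ok"


if __name__ == "__main__":
    key = secrets.token_bytes(32)          # constructed session key
    guard = ReplayGuard(key)
    pkt = seal(key, b"transfer 100")       # constructed sample message
    print(guard.accept(pkt))               # first delivery
    print(guard.accept(pkt))               # same bytes resent by an eavesdropper
```

The timestamp window is what keeps the nonce cache bounded: without it the receiver would have to remember every nonce for the life of the session.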
Conclusion:
From the above report, it can be concluded that VPN should be a big priority
for every organization to protect its website from being attacked. An organization is an
operating engine holding a lot of information about its business, its customers, the personal
details of the customers, its intellectual property, its market size and so
on. It is necessary for an organization to secure its websites with a VPN. The VPN
itself also needs to be protected to avoid harmful damage to the VPN system. The VPN
system plays an important role in every organization's operations.
References:
[1] A. Uskov, IPsec VPN-Based Security of Web-Based Rich Multimedia Systems. In IIMSS
(pp. 31-40), June 2013.
[2] Y. Song and U. Hengartner, Privacyguard: A vpn-based platform to detect information
leakage on android devices. In Proceedings of the 5th Annual ACM CCS Workshop on
Security and Privacy in Smartphones and Mobile Devices (pp. 15-26). ACM, October 2015.
[3] C. Fei, W. Kehe, C. Wei and Z. Qianyuan, The research and implementation of the VPN
gateway based on SSL. In 2013 International Conference on Computational and Information
Sciences (pp. 1376-1379). IEEE, June 2013.
[4] W. Xie, L. Xie, C. Zhang, Q. Zhang and C. Tang, Cloud-based RFID authentication. In
2013 IEEE International Conference on RFID (RFID) (pp. 168-175). IEEE, April 2013.
[5] entrustdatacard, "How to View SSL/TLS Certificate Details in Chrome 56",
Entrustdatacard.com, 2019.
[6] L.F Carvalho, G. Fernandes Jr, M.V.O De Assis, J.J.P.C Rodrigues and M.L Proença Jr,
Digital signature of network segment for healthcare environments support. Irbm, 35(6),
pp.299-309, 2014.
[7] globalsign, "Install Client Digital Certificate - Win...", GMO GlobalSign, 2019.
[8] V.C Perta, M.V Barbera, G. Tyson, H. Haddadi and A. Mei, A glance through the VPN
looking glass: IPv6 leakage and DNS hijacking in commercial VPN clients. Proceedings on
Privacy Enhancing Technologies, 2015(1), pp.77-91, 2015.
[9] K.K. Nguyen, M. Cheriet and M. Lemay, Enabling infrastructure as a service (IaaS) on IP
networks: from distributed to virtualized control plane. IEEE Communications Magazine,
51(1), pp.136-144, 2013.
[10] A. Wang, M. Iyer, R. Dutta, G.N. Rouskas and I. Baldine, Network virtualization:
Technologies, perspectives, and frontiers. Journal of Lightwave Technology, 31(4), pp.523-
537, 2013.
[11] J.C Snader, VPNs Illustrated: Tunnels, VPNs, and IPsec. Addison-Wesley Professional,
2015.
[12] D. Palomares, D. Migault, W. Velasquez and M. Laurenty, High availability
for IPSec VPN platforms: ClusterIP evaluation. In 2013 International Conference on
Availability, Reliability and Security (pp. 178-187). IEEE, September 2013.