It appears that companies will need to support and protect work-from-home employees for a prolonged period of time. Maybe it’s time to review that virtual private network (VPN) you set up for vulnerabilities. Recently the National Security Agency released its Securing IPsec Virtual Private Networks document, which discusses the regular tasks you should do to keep your network secure:
- Reduce the VPN gateway attack surface
- Verify that cryptographic algorithms are Committee on National Security Systems Policy (CNSSP) 15-compliant
- Avoid using default VPN settings
- Remove unused or non-compliant cryptography suites
- Apply vendor-provided updates (patches) for VPN gateways and clients
Let’s take a deeper look at these and other tasks you can do to lock down your VPN connections:
