Questions:
VPN Threats to Perimeter Security
1- Early on we learned how routers and firewalls and IDSs inspect inbound and outbound traffic and how we use those features to our advantage in securing the network. Now, Virtual Private Networks encrypt all traffic and make it impossible to inspect what's coming and going. What can we do to assure that legitimate traffic flows and that malicious traffic is stopped? How can you configure the network to manage VPN and non-VPN traffic?
2- This is the post from other student, I need you response if you agree or disagree and why, give me your own opinion. This post is the opinion from the student from the question #1
Configuring the network to manage the VPN aand non-VPN traffic is straight forward. A VPN system consists of a VPN server located with the corporate infrastructure. The VPN server generally is the router or the firewall directly connected to the public network (Internet). This firewall or Router authenticates users when they connect and if they are allowed access, the server will provide mapping to the users so they have access to the internal network as if they were in the office. The authentication processes is the crucial part of identifying users by checking what they are allowed to do. Actually the remote user is required to have a client application capable of communicating with the VPN server and this application will send all data to the VPN server using encryption. In fact the idea of encryption is to secure the connection between the VPN server and the remote user application rather than allowing the remote user to hide activities from the server. At the corporate level even though the VPN user's connection is encrypted they can still have idea of what exactly the remote user accessed when connected to the system. When VPN traffic is generated, it's usually from legitimate source so there is no need to try to monitor traffic flow and stop malicious traffic. The non-VPN traffic can be managed by allowing users only access within the Intranet without going over the perimeter of the router or the firewall. Access to the Internet by users is always monitored by the firewall (especially the incoming traffic). Therefore whatever malicious traffic that will flow between a non-VPN traffic and the firewall will be stopped.
3- This other post from the student from the question #1, Please response if you agree or disagree and why, please explain your opinion about it.
I also want to add that the VPN communications as the name said is private. This means that the communications must remain private between the server and the client. If for whatever reason a server, router or firewall is allowed to monitor or record this communication the privacy side of the communication is gone. For that reason I don't think there will be soon a tool to monitor the communication in the VPN concept. I might be wrong, but this is my understanding. What do you think guys?