NSA releases guidance on securing IPsec Virtual Private Networks

[correlate]

Level 18
Thread author
Top Poster
Well-known
May 4, 2019
801
The US National Security Agency (NSA) has published guidance on how to properly secure IP Security (IPsec) Virtual Private Networks (VPNs) against potential attacks.

Besides providing organizations with recommendations on how to secure IPsec tunnels, NSA's VPN guidance also highlights the importance of using strong cryptography to protect sensitive info contained within traffic while traversing untrusted networks when connecting to remote servers.

Following these recommendations is especially important for organizations that moved the majority of their workforce to telework since the start of the pandemic.

"VPNs are essential for enabling remote access and securely connecting remote sites, but without proper configuration, patch management, and hardening, VPNs are vulnerable to attack," the NSA explains.

Among the measures network admins need to take to ensure a VPN's security, the NSA underlines the need to reduce the attack surface, to always customize the VPN's default settings, and to apply any security updates as soon as they're issued by vendors.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top