Protect VPN and endpoints, and have a point of telework security

Protect VPN and endpoints, and have a point of telework security

This time, we will explain the security measures for telework that corporate network managers want to carry out at a minimum.The point is to review the management system of the VPN and strengthen the endpoint measures.

In the Internet VPN used in telework, a virtual tunnel is built on the Internet.Install client software on personal computers, etc., and realize VPN devices installed in companies and virtual lines.The advantage is that it can be realized relatively inexpensive.

However, vulnerabilities may be found in VPN devices.Since 2019, eight vulnerabilities have been found on major VPN devices alone.All CVSS V3, which evaluates the severity of the vulnerability, is more important than "important", and is dangerous to stop the system and leak information by cyber attacks.

In fact, a large -scale attack on devices that have not been applied for security updates have been confirmed.

主要なVPN装置に見つかった脆弱性[画像のクリックで拡大表示]

VPNとエンドポイントを守れ、テレワークセキュリティーの勘所

For this reason, the network administrator needs to confirm that the vulnerability has been found in his VPN device.According to Rack's Ryba Ryuta Cyber Security Service Management Division Digital Pen Test Service Director and Cyber Grid Japan Senior Researcher, "There are services that notify vulnerabilities in VPN devices, but basically paid."

Companies that do not use such services will on a daily basis to browse the VPN device vendor websites and security information sites to see if new vulnerabilities have been discovered.

The trouble is when a zero day attack occurs.If you get the information that zero -day attacks aimed at the VPN device you are using in -house, you should in principle stop using the VPN device.Consider whether you can respond by avoidance until a security update is provided by vendors.

One of the workarounds is a method of protecting VPN devices to security devices such as IPS (Intrusion Prevention System) and IDS (Intrusion Detection System).This is because multi -stage defense may block unauthorized communication aimed at VPN devices.

However, this workaround is only a first aid until the security update program is provided.Immediately apply when a security update is provided.

日経クロステック Activeは、IT/製造/建設各分野にかかわる企業向け製品・サービスについて、選択や導入を支援する情報サイトです。製品・サービス情報、導入事例などのコンテンツを多数掲載しています。初めてご覧になる際には、会員登録(無料)をお願いいたします。

Strengthen measures for the next page endpoint

Category

Hot Articles

With Fire HD 8, you can listen to music with LDAC and watch online videos in HD quality! 6980 yen at Amazon Time Sale Festival 11/03/2022
What makes a gaming router different from a regular Wi-Fi router?I compared the points 10/03/2022
You can also play PS5 at 4K / 120Hz! Gaming monitor "MSI Optix MPG321UR-QD" which is 32 type and has all the functions 04/04/2022
If you want a tablet "somehow", buy the Fire HD 10 series on Amazon. I'm sure most people are very satisfied with this! 10/04/2022
DIE VORTEILE EINES ERNEUERUNGSKONSOLENPLANS 18/08/2022
Renault launches new SUV "Arkana" equipped with original hybrid on May 26 Price is 4.29 million yen 07/04/2022
"FFXIV" patch 5.2 "Recollection of the evil star", scheduled to be implemented in mid-February 2020 27/04/2022
What is the plan that can be used at "maximum 1 Mbps" even at low speeds?Compare by sub-brand, online only, MVNO 04/04/2022

Tags