Designing Access Controls
Make Decisions about Remote Access (VPN)
TableAdvantages | Explanation |
Increased productivity | Users can access data and perform work |
| tasks when out of the office |
Increased employee satisfaction | Some users may be able to work more flexible |
| hours or telecommute from home. Others |
| escape the frustration of a long commute; |
| they can focus on work rather than on |
| traveling to the office. |
Benefits to the environment | Telecommuting decreases traffic congestion, |
| pollution, and fossil fuel consumption. You |
| might even find government programs that |
| offer incentives for companies that |
| encourage telecommuting. |
|
|
| Select VPN Options |
| After you decide to establish a VPN, you must start designing your deploy- |
| ment. Deploying a VPN can be a bit complicated. You have a lot of choices to |
| |
| to protect data. This guide focuses on the decisions with the greatest implica- |
| tions on deployment; examining every detail of VPN security policies is |
| beyond its scope. |
| One important choice is your VPN protocol. Common ones include: |
| ■ IP Security (IPsec) with Internet Key Exchange (IKE) |
| ■ |
| ■ Layer 2 Tunneling Protocol (L2TP)/IPsec |
|
|
N o t e | Although L2TP can be implemented without IPsec, it does not provide ade- |
| quate security on its own. Therefore, this guide will consider only the L2TP/ |
| IPsec implementation. |
|
|
In addition to selecting the VPN protocol, you need to choose various options for the selected protocol:
■Authentication
•Digital certificate
•Password (preshared key)
■Encryption protocols and algorithms, which ensure data privacy (encryp- tion) and data integrity (hash or authentication)