[SOLVED] Discussion11 – replies

I don’t understand this Computer Science question and need help to study.

Main que :What components does a solid VPN Policy include?

No need to provide answer to main question.Please below student posts(2 posts) and provide replies accordingly each in 150 words.

sru-

VPN Policy

If an organization is implementing a VPN solution, it is always encouraged to use a policy for VPN to make sure the employees and the users can understand the functionality, purpose, and need of using software with a VPN. VPN makes the network management secure and avoids hackers or any malicious software from entering the network. VPN also helps to securely access the applications and software management tools when the employees work from home or remotely. A VPN policy needs to be developed and improved as time goes. Writing VPN policy potentially conflicts with other aspects of the overall policy framework (Stewart, 2014). There should be a few components that need to be included in the VPN policy that are discussed below.

Components of a solid VPN

An introduction is a primary component of the VPN policy. The introduction needs to be included with the policy by name and a detailed explanation of the organization’s policy framework. The purpose is another component in a VPN policy. The purpose of the VPN policy should explain why the VPN is used and how it should be used. It also should include references to any governance, risk, or compliance issues or any specific legal or regulatory requirements needed (Stewart, 2014). Scope/binding nature statement is the other component that describes in detail the network, systems or any people that are included in the policy. Define the technical acronyms that are used in the policy.

Document each and every detail in the policy like creating the document, date of creation, version if there are any improvements document status or any version tracking information as well. The actual policy language is one of the components. The optional elements may be included for a perfect VPN policy. Summary, roles, and responsibilities come under optional components. For a long policy, a summary needs to be bulleted to make it easy for employers to check for the policy requirements.

sri-Many companies have started using the virtual private network and clearly it means the need for a VPN policy has also increased. Small and mid-sized companies do not mind having a separate VPN policy but include the details of handling VPN in the overall internet policy. However, it is important to have a separate VPN policy considering the impact of what the threat on a VPN can be on the company (Broderick, 2001). A part of the policy itself would be to begin incorporating a VPN into all of the computer systems of the No-Internal-Controls LLC. VPNs are one of the most common forms of protection against remote access attacks. One of the requirements for VPNs to be used is that the system in which it is being installed must also have a software firewall installed. The basic function of a VPN is that it reroutes the IP address of the host through another connection, making it quite difficult to trace (HAO, FENG & LAI, 2009). And since it can’t be traced, attacking that IP address becomes difficult as well.

For any company, the main office’s computer systems might have at least one firewall system, that is too legacy. This firewall needs to be upgraded and more firewalls need to be added to the overall office server as well. All of the individual computer workstations and systems must be installed with a heavy office firewall, that will scan any and all files that make the computer system vulnerable to remote attacks (Zhang, Zhang, Chu & Li, 2004). The firewall software must be implemented, as well as hardware firewalls in all of the routers, switches, and servers. This dual-firewall system will help protect the company from remote attacks, first at the hardware level and, if needed, the software level as well.