Maximizing VPN Security.
Just as you maximized your internal
network security with a firewall router, you should also maximize
security for your externally transmitted data with a VPN router from
Avoid any VPN, router or software, that
utilizes PPTP over IPSec. PPTP (Point-to-Point Tunneling Protocol)
only utilizes the user's name and password for security. IPSec (IP
Security), on the other hand, offers more robust authentication and
actually encrypts the data transmitted over the Internet.
IPSec is compatible with most VPN
endpoints and ensures privacy and authentication for data, while
authenticating user identification. With IPSec, authentication is
based upon the PC's IP Address. This not only confirms the user's
identity but also establishes the secure tunnel at the network layer,
protecting all data that passes through.
By operating at the network layer, IPSec
is independent of any applications running on the network. This way,
it doesn't take up bandwidth on your network, allowing you to do more
with greater security. Still, it is important to note that IPSec
encryption does create a slight slowdown in network throughput, due to
the processing necessary for encrypting and decrypting data.
Some VPN devices leave the IP Headers
unencrypted. These headers contain the IP Addresses for the users at
both ends of the VPN tunnel and can be utilized by the hacker in
future attacks. Linksys VPN Routers, however, do not leave the IP
Headers unencrypted. Using a method called PFS (Perfect Forward
Secrecy), not only are the IP Headers encrypted but the secret keys
used to secure the tunnel are encrypted as well.
All of this protection actually comes at
a lower cost than most VPN endpoint software packages. A Linksys VPN
Router will allow the users on your network to secure their data over
the Internet without having to purchase the extra client licenses that
software packages will require. With VPN functions handled by the
router, rather than your PC (which software packages would require),
your PCs are freed up to perform more functions, more efficiently. An
additional benefit to this is that you aren't required to reconfigure
any of your network PCs.
As secure as a Linksys VPN Router makes
your data, there are still more ways to maximize security. The
following are just a few suggestions on how to increase data security
beyond using a VPN router.
1) Maximize security on your other
networks. Install firewall routers for your Internet connections and
use the most up-to-date security measures for wireless networking.
2) Narrow the scope of your VPN tunnel as
much as possible. Rather than assigning a range of IP Addresses, use
the address specific to the endpoints required.
3) Do not set the Remote Security Group
to Any, as this will open the VPN to any IP Address. Specify a single
4) Maximize Encryption and
Authentication. Use 3DES encryption and SHA Authentication whenever
5) Manage your Pre-shared Keys. Change
Pre-shared Keys regularly.
Data transmission over the Internet is a
hole in network security that is often overlooked. With VPN maximized,
along with the use of a firewall router and wireless security, you can
secure your data even when it leaves your network.