8RESP

RESPOND TO THIS DISCUSSION POST BASED ON THE TOPIC “When might having a VPN solution actually introduce additional threats and attacks to a private internal network? What methods could be applied to secure the communications?”

 1.Tmi D). VPN and Mobile Devices

The benefit of using a VPN is that you are able to hide your IP address, put another server between you and the websites you are browsing. In theory, the VPN you funnel all your network browsing through an encrypted server, then on to the website. Making it more difficult to monitor what you are looking at.

Because mobile devises have become such a intricate part of most networks, the issues that they possess has to be taken into consideration when planning for a VPN company wide. One of the biggest problems that come with using a VPN is configuring the VPN to be secure when using mobile devices. There is a high percentage of the aps that are designed for mobile devices that are not doing the job that they promote they can do.  In a recent analysis of 283 mobile VPN that are on Google play.  84 percent of the aps looked at didn’t encrypt traffic between sites correctly.

2Jnthn C). Caruso Discussion 8.1

 In the past, the operations of most businesses were conducted in a single location. Therefore, deploying a network (if one were to be deployed at all) was a simple matter of routing network cables within the premises. Those organizations that were large enough to comprise multiple locations would enable communication among them by installing leased lines between each pair of office sites.

Building network infrastructure is expensive, however, and as employees began operating outside the confines of a single office building, it was no longer cost-effective to lease lines to accommodate these users, especially when they travel to many different areas at great distances from headquarters. Thus, virtual private networks (VPNs) leverage existing network infrastructure - specifically, the Internet - to provide remote users access to the office network on a smaller budget.

Of course, the Internet being inherently insecure, any traffic sent over a VPN must be encrypted to prevent eavesdropping attacks. This introduces the same issues that arise with any use of cryptography. Remember that all encryption technologies are not created equal. The data encryption standard (DES), for instance, is woefully inadequate for general use. Triple DES (3DES) offers better security but requires more time and processing power. By contrast, the advanced encryption standard (AES) not only provides stronger encryption than even 3DES but is faster and less resource-intensive. Therefore, most VPN packages available today support AES.

Even AES is not immune to attack, however. Side-channel attacks, which attempt to gain cryptographic information based on physical characteristics of the underlying infrastructure (e.g., timing of tasks, power fluctuations, thermal imaging), have been successfully launched against AES ciphers. Although such attacks require a great deal of expertise on the part of the cryptanalyst, once a successful attack has been identified, the cryptanalyst can simply write scripts and instructions to automate the codebreaking process.

Thankfully, side-channel attacks can be prevented by taking a number of simple measures, such as installing line conditioners and uninterruptible power supplies (UPSs) to reduce power fluctuations, as well as using shielding to prevent electromagnetic radiation from leaking out and potentially exposing plaintext messages.

Granted, it may be more difficult to implement these measures on remote systems.

3Frnd Tch ).  A VPN as a fact, is commonly used within the Internet in order to provide a secured communication to a network of computers. Therefore, even through an unsecured Internet environment, a VPN has the features of providing an appreciate level of security. VPN core activities that encryption, authentication, and encapsulation are should intervene as a whole to produce a high quality of services.

As a scenario, let consider a failure packets enclosed process that leads to an approximate encapsulation where data integrity is compromise, or and encryption process where key length is short and susceptible of brute force, it then appears that one or more of VPN core activities is disrupt to allow potential intruder going forward with his dirty task.

Strengthen these core activities so that any of their disruptive effect probability of occurrence become significantly less must be a perpetual goal to optimize a VPN results.

PLEASE READ THIS.IT IS VERY IMPORTANT

Allow your discussion posts to be detailed and capable of sharing knowledge, ideas and points.  You must discuss the topic using your own words first.  Using your own words indicate you understand the topic of discussions.  Secondly, you must cite your sources in-text.  This is necessary to justify your points. Sources from several sources showed good research abilities.  Lastly, you must provide references at the bottom of your post.  A discussion post without justification with sources does not show proper research abilities. A terse and not detailed discussions represent post that would not provide enough sharing of knowledge or proper understanding of the topic. DO NOT just copy and paste a sentence from online with citation at the end as your own discussion. I have not asked for definitions, I asked for discussions and will not buy this.  You must show understanding of the discussion topic by using your own words to describe the topic and then justify that with sources.

www.citationmachine.net to format references into the APA style if necessary. Extremely important. Intext citations is very essential and highly needed as well.

use double spacing, 12-point Times New Roman font, and one-inch margins. Sources should be cited according to APA citation method (citation should be relevant and current). Page-length requirements:2 PAPARAGRAPHS FOR EACH PROMPT ANSWER. Make sure you cite if you take a piece of someone’s work, very important and your reference should relate to your writing (don’t cite a reference because it relates to the course and not this very paper) at least 2 current and relevant academic references. No heavy paraphrasing of others work.