Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

12-point blueprint for the future of network security

NCP Engineering : 23 June, 2009  (Technical Article)
NCP engineering sets out its vision of the network access technology of the future in 12 requirements
NCP engineering has developed a blueprint for Next Generation Network Access Technology. The roadmap details the 12 essential components (below) organisations need to secure their networks, foster productivity across a distributed network and streamline central management policy, while meeting compliance mandates.

1. Central Management

Central management of all user components is a basic requirement of new VPN solutions. With a single point of administration, only one user interface is needed for the dialer, VPN client, personal firewall and WLAN-login, and only one console is needed for the VPN gateway, certificate authority and LDAP console, endpoint policy and software distribution console. Central management simplifies mass-rollouts, and eases the administration of user-related data, integrated personal firewalls, removed VPN gateways, software updates and certificates. It can also reduce training expenses for administrators and users.

2. Network Access Control

Endpoint policy enforcement is another essential functionality for the implementation of next generation network access technology and endpoint security. With users able to manipulate security safety guidelines, administrators must check all relevant parameters before giving access to the network system. This control forces users who do not fulfil safety guidelines into a quarantine zone.

3. Strong Authentication

Strong authentication procedures are critical to the implementation of a next generation network access technology. It is no longer sufficient to allow access to a company's network system through user names or passwords, for both can be easily spied out by hackers. System administrators must apply authentication tools, including OTP-Token, OTP Mobile, digital certificates and biometrical technology.

4. Open Standard Interface

Next generation network access technology must be able to support all relevant operating systems (e.g. Windows XP 32/64, Vista 32/64, Windows Mobile, Symbian) and VPN gateways (e.g. Cisco, Checkpoint, Watchguard). An open standard interface reduces organisations' administrative burdens as well as overhead costs.

5. IPSec and SSL Hybrid Support

It is necessary for enterprises to have secure external company communication in every remote access environment, with and without VPN client software. Regardless of whether IPSec or SSL technology is applied, next generation network access must control both simultaneously. Administrators can enable mobile employees to communicate, either fully integrated in a centrally managed IPSec VPN (Intranet) or be connected "clientless" to the company's network.

6. Personal Firewall

An integrated, dynamic personal firewall is key component for the next generation of network access technology. With a firewall setup, the administrator can select the best control installation for ports, IP addresses, segments and applications. The administrator can also automatically distinguish between safe and unsafe networks, as well as activate and deactivate appropriate firewall regulations.

7. Compliance

Next generation network access technology implementations can help organisations achieve and fulfil all regulatory compliance objectives, such as data protection. The solution must be capable of transparently recording all security data and generate audit-safe reports for appropriate company departments.

8. Integrated Dialers

All dialers for different access scenarios, such as WLAN, UMTS, hotspot, GPRS and modem, are integrated into the VPN system. With dialling parameters centrally managed, blocked and unreeled, administrators can prevent users from working with different software interfaces.

9. Automated User Access

Automated user access allows administrators to effortlessly integrate new users and department connections into the VPN system. This flexible and scalable component also connects remote users by transferring personnel data records.

10. User Permissions

Entered and only changeable by the administrator, user permissions are a necessary requirement for enterprises. Parameters can be configured depending on a user's knowledge or a company's policy user rights. Administrators prevent subsequent manipulation, whether intended or through error, and reduce users' needs for helpdesk support.

11. IT Integration

Smooth integration into existing IT territories is essential. By implementing VPN solution standards, organizations can protect its infrastructure investment and assure a high integration capability.

12. Long-Term Development

Enterprises must ensure that its next generation network access technology has no restrictions in relation to new operating systems and infrastructure migrations. Administrators must take both the near and long-term safety of the solution into consideration.

Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo