skip to content

Support Portal

NCI.ca

Solutions

NCI will evaluate, advise, and implement an IT security solution, particular to your needs.

Solutions Contact

Contact Name
 solutions@nci.ca | 905.607.9777

IT security | VPN/SSL

SSL VPN  (Virtual Private Networks /  Secure Sockets Layer) for simple remote user support with end-to-end encryption should be further secured with host-based scans and 2-factor authentication.

A virtual private network (VPN) is often used by companies or organizations, to communicate confidentially over a public network. A VPN can send data (e.g., voice, data or video, or a combination of these media) across secured and encrypted private channels between two points. VPNs are commonly used to connect office locations together, or to provide remote access to users over an open public network such as the Internet.

Secure VPNs use cryptographic tunneling protocols to provide the confidentiality, sender authentication, and message integrity to achieve privacy. When properly chosen, implemented, and used, such techniques can provide secure communications over non-secure networks.

Secure VPN technologies may also be used to enhance security as a "security overlay" within dedicated networking infrastructures.

Secure VPN protocols typically include the following:

 IPsec was introduced to provide security services such as:

  • Encrypting traffic so it cannot be read by parties other than those for whom it is intended.
  • Integrity validation to ensure traffic has not been modified along its path.
  • Authenticating the peers to ensure that traffic is from a trusted party.
  • Anti-replay protection against replay of the secure session.

SSL is a framework more often associated with e-commerce, but it has been used to provide remote access VPN capabilities. This is one of the simplest ways of providing end users with remote connectivity to your internal network. Using the internet as a backbone, a secure connection is created by the VPN using encryption between the remote users and the network. A major practical advantage of an SSL-based VPN is that it can be accessed from any public wireless access point that allows access to SSL-based e-commerce websites, whereas other VPN protocols may not work from such public access points.

Using SSL, the VPN is no longer bound by traditional operating system software clients that need to be maintained and upgraded. Operation is based on an easy web interface with hyperlinks to web email access, file shares, and even Citrix or remote desktop connections.

However, since SSL VPNs are typically broadcast on the web as a remote-access portal, anyone has the ability to gain access to the authentication prompt. This public access needs to be controlled using a combination of host-based scanning and two-factor user authentication.

The host-based scan should include checks against current anti-virus/anti-spyware policies and signature files prior to granting access. The integrity of the individual logging in can be further verified using two-factor authentication. See [Multi-Factor Authentication]

NCI offers and supports the following VPN / SSL products:

Check Point Software Technologies:   

Check Pointe VPN-1
SSL Network Extender
VPN-1 Secure Client 

Juniper Networks:   

The Juniper Networks family of NetScreen and SSG purpose-built security solutions are designed to satisfy customer networking and security requirements that range from small branch office and telecommuter locations to high speed carrier and data center environments. Juniper Networks SSL VPN Secure Access appliances combine the overall benefit of a lower total cost of ownership over traditional IPSec client solutions, with unique end-to-end security features.

Fortinet:   

Fortinet’s advanced VPN solutions meet the price/performance requirements of any-sized enterprise.

Nortel Networks:   

Nortel VPN Routers provide routing, IPsec and SSL VPN, firewall, bandwidth management, encryption, authentication, and data integrity for secure connectivity  across managed IP networks and the Internet. Nortel VPN Routers connect remote users, branch offices, suppliers, and customers with the cost and performance advantages of public IP networks and the security and control found in private networks. Nortel’s VPN Gateway portfolio is a remote access security solution that extends the reach of enterprise applications to remote employees, partners, and customers. 

Nokia   

The Nokia SSL VPN solution provides secure, authenticated and controlled access to business applications and resources. It provides enterprises with a secure connectivity backbone to connect people and locations to business applications.

tag alter ego watches tag alter ego watch tag alter ego switz replica watches swiss-made replica watches swiss wristwatch swiss wrist swiss watches reviews swiss watches replica swiss watches brands swiss watches swiss watch manufacturers swiss watch manufacturer swiss watch making swiss watch makers swiss watch collection swiss watch brands swiss watch brand swiss watch swiss uhren swiss tourbillon swiss strap swiss rolex replica watches swiss rolex replica swiss replica watches uk sites swiss replica watches rolex swiss replica watches movado swiss replica watches swiss replica u-boat watches swiss replica store rolex watches swiss replica rolexes swiss replica rolex watches swiss replica rolex president watches swiss replica rolex in boston swiss replica rolex swiss replica omega constellation mini swiss replica graham watches swiss replica daytona watches