10-Step Security and Vulnerability Assessment Plan
Use this plan to ensure your information system controls are correctly implemented.
Whether you are deploying a Secure Sockets Layer (SSL) or Internet Protocol Security (IPsec) virtual private network (VPN) in your business, you'll want to make sure the initiative includes proper safeguards that control access and protect your data. The National Institute of Standards and Technology has uploaded two resources that can help educate you about both methods and make you aware of essential security considerations.
Guide to SSL VPNs - This publication discusses the fundamental technologies and features of SSL VPNs. It describes SSL and how it fits within the context of layered network security. It also compares the SSL VPN technology with IPsec VPNs and other VPN solutions.
Guide to IPsec VPNs - This publication provides an overview of the types of security controls that can provide protection for Transmission Control Protocol/Internet Protocol (TCP/IP) network communications. IPsec is a framework of open standards for ensuring private communications over public networks.