Guide: Understanding, Securing IPsec VPNs

John Storts
Slide Show

10-Step Security and Vulnerability Assessment Plan

Use this plan to ensure your information system controls are correctly implemented.

Virtual private networks, commonly known as VPNs, are indispensable tools for communication between networks. They are especially useful to mobile workers who need to access network resources from remote locations, and the convenience of being able to access those resources from a Web browser is an added bonus.


The IPsec framework is the most common network layer security control used to provide private communication over public networks. While VPNs created using IPsec provide some data protection in terms of access control, confidentiality, replay protection, integrity and data origin authentication, they can't completely eliminate them. Flaws in software and algorithms, along with insecure configuration settings and values, can make them vulnerable to attack.


The National Institute of Standards and Technology recently uploaded the Guide to IPsec VPNs to help administrators and other IT pros reduce networking risks. Download this guidelines document to get an overview of the types of security controls that you can implement in your organization to provide safeguards for your TCP/IP network communications.


More from IT Business Edge and the Knowledge Network

Guide to SSL VPNs

Free Wi-Fi at the Cafe? Read this Before You Connect

Job Description: Network Security Engineer

Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.



Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.