unit 7 assignment 1_create a vpn connectivity troubleshooting checklist
TRANSCRIPT
[
]
2014
Name?IS3220
Mr. ?
Developing a VPN Policy and Name?Enforcing VPN best practices IS3220
13 Feb 2014
There can be a variety of uses for an organization to use or authorize the use of VPN
services; it depends greatly on what the nature of their business is. If a business does decide to
use VPN connections it must also develop an Acceptable Use Policy (AUP) to enforce the
standards, policies, guidelines, and the security of the organizations network. The types of users
or groups that are more likely to use these types of services are; Employees working from home,
Server administrators, Branch office workers, and off-site contractors. The employee working
from home would probably need a secure connection to the company’s intranet. The Server
administrator will need a secure remote connection to the server, and the off-site contractor more
than likely will need access to specific project files on the company’s network. A Branch worker
at a bank for example would definitely need a secure remote connection in order to access a main
branch office for any reason.
By developing an AUP for the VPN service and having all users agree to them, this holds
them responsible for anybody using their login or computer. The Administrator would be able to
see which account was used during any violations or breaches, in return holding the user
responsible. The VPN AUP will include permissible and impermissible user and group
behaviors which they will have to agree to in order to be allowed to utilize the VPN service. Not
only does the user or group need to agree to the VPN AUP but also they must also have a need or
purpose for accessing the company network via a VPN connection in the first place. VPN usage
can also be restricted by dates and times of the day to make sure nobody is accessing the system
when they don’t need to be. Violations that have been identified will be handled on a case-by-
case basis but on the other hand if the individual is a repeat offender then their access will be
suspended or totally revoked.