standard for network behavior and comparing traffic against it in real time. While this
method is more effective at detecting unknown threats than signature-based IPS, it
produces both false positives and false negatives. Cutting-edge IPS are infused with
artificial intelligence (AI) and machine learning (ML) to improve their anomaly-based
monitoring capabilities and reduce false alerts.
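
The baseline-and-compare approach described above, and the reason it yields both false positives and false negatives, shown as an added example that is not from the original text. The traffic figures, the z-score test and the two thresholds are constructed assumptions; commercial products use richer models.

```python
import statistics

# Constructed training window: outbound connections per minute for one host
# during a period assumed to be free of attacks.
BASELINE = [42, 38, 45, 40, 44, 39, 41, 43, 37, 46, 40, 42]

# Constructed live traffic: (connections per minute, ground truth "malicious?").
LIVE = [
    (41, False),   # ordinary minute
    (48, False),   # slightly busy but benign
    (47, True),    # low-and-slow scan hiding near normal volume
    (58, False),   # benign burst, e.g. a scheduled backup
    (140, True),   # noisy scan
    (44, False),   # ordinary minute
]


def build_baseline(samples):
    """Learn the 'standard' behaviour as a mean and standard deviation."""
    return statistics.mean(samples), statistics.stdev(samples)


def is_anomalous(value, mean, stdev, threshold):
    """Alert when the value lies more than `threshold` deviations from the mean."""
    return abs(value - mean) / stdev > threshold


def score(live, baseline, threshold):
    """Compare alerts against ground truth and count each outcome."""
    mean, stdev = build_baseline(baseline)
    counts = {"tp": 0, "fp": 0, "tn": 0, "fn": 0}
    for value, malicious in live:
        alert = is_anomalous(value, mean, stdev, threshold)
        if alert:
            counts["tp" if malicious else "fp"] += 1
        else:
            counts["fn" if malicious else "tn"] += 1
    return counts


if __name__ == "__main__":
    # A strict threshold misses the quiet scan; a loose one flags benign traffic.
    for threshold in (3.0, 1.5):
        print(threshold, score(LIVE, BASELINE, threshold))
```

Tightening the threshold from 3.0 to 1.5 removes the missed scan but doubles the false alerts, which is the trade-off the paragraph describes.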

Figure 18 IDS/IPS on an Enterprise Network

Virtual Private Networks (VPNs):
A virtual private network (VPN) is a computer network that provides online privacy by
creating an encrypted connection on the Internet.

The security of personal data and activities while using the Internet has always been a
matter of concern. It is precisely to address this pain point that the concept of virtual
private networks came about. The ambit of the technology gradually grew to
accommodate the needs of businesses and corporations of varying sizes.

A virtual private network is a computer network that gives online privacy to a user by
creating an encrypted connection from a device to a network. It uses tunneling protocols
to encrypt sensitive data from a sender, transmit it, and then decrypt it at the receiver's
end.

Because the user's internet protocol (IP) address is masked and untraceable during this
process, it provides a high level of privacy. The most common use of VPN technology
is keeping all online recreational activities of an individual untraceable, even when
accessed on a private Wi-Fi network.

When used for businesses, a VPN only allows authorized personnel to access data of
the organization through the Internet. With the help of a VPN, an organization with
multiple offices globally can share its data with its employees, irrespective of location.
This can be safely done because their IP addresses are masked, even while accessing
public Wi-Fi networks. A VPN significantly reduces the threat of cyber-attacks and
security breaches.

A 2019 report by Knowledge Sourcing Intelligence LLP projected a compound annual
growth rate (CAGR) of 6.39% for VPNs, reaching USD 50.153 billion by 2024. The
increased demand will be fueled by the need to protect against cyber-crime-related
issues. Another study conducted by the University of Maryland concluded that hacker
attacks happen at a frequency of one every 39 seconds.

The CyberEdge Group 2020 Cyberthreat Defense Report revealed that 80.7% of
organizations in seven major sectors had been affected by at least one successful
cyberattack in 2020. VPN usage and data privacy are strongly interrelated. With VPNs
making use of a separate server for Internet usage, hackers and cybercriminals can
effectively be kept at bay.

Figure 19 Virtual private network (VPN)

Advantages and Disadvantages of Using a VPN
In an article in Computer World (1997), author Bob Wallace told Tom Nolle, chief
strategist at ExperiaSphere and president at CIMI Corp, that VPNs would let companies
close ranks with suppliers, business partners, and remote sites around the world, and
support growing legions of remote workers. Those predictions have come true to a large
extent. Let's look at the advantages of a VPN.
1. Enhanced security: The fundamental functioning of a VPN strengthens the
security of network traffic. It keeps all communication between remotely located
employees safe from cybercriminals, without disturbing the flow of work. A
VPN uses a range of encryption technologies like IP security (IPsec), layer 2
tunneling protocol (L2TP)/IPsec, as well as secure sockets layer (SSL) and
transport layer security (TLS). All of these come together to create the tunnel
through which encrypted data is passed from origin to destination points via a
server.
2. Bypass geo-restrictions: Particularly in the case of personal use of a VPN,
geo-restrictions can be bypassed to gain access to sites. A case in point is the
scramble to access Netflix from other regions. A VPN also helps to bypass
censorship impositions in case of restricted sites while traveling. However, this
access can be blocked if the need arises.
3. Anonymous downloads: Torrents, while usually associated with piracy, have
several legitimate uses as well. Despite this, accessing torrents can land you in
trouble. VPNs can be used for access in such cases, provided they are for
legitimate causes. There are still chances of your IP address being revealed by
dubious service providers.
4. Easy file sharing: VPNs pave the way for large networks to provide easy access
to the information within a private network. This makes the management of multiple
remote locations and employees easier, with access that is similar to a local
intra-network. This process needs a large bandwidth. However, internet service
providers (ISPs) often resort to bandwidth and data throttling to boost the Internet
speed of other customers; that is, they place a cap on the amount of data and
bandwidth used. A VPN helps bypass these caps.
Disadvantages:
1. Speed issues: The stronger the encryption for a VPN, the slower it becomes. This
especially holds true for free VPN providers (which come with several other
negative points). However, paid services can deliver good levels of encryption at
decent speeds. There are several ways to boost speed, for instance, reducing the
distance between the device and the VPN server location. Also, upgrading to the
number of servers needed to take the load of a large number of users
makes a huge difference.
2. Increased network complexity: If you require a high-quality VPN, the network
that needs to be set up will be more complex. This comprises several network
topologies, protocols, and hardware devices. The complexity can take a
while for users to understand.
3. Security issues: Businesses use VPNs for the primary reason of giving data access
to the employees working remotely. The security of the company's network is
then based on the number of users, their devices, and their access points, which
reduces control of the VPN.

Types of VPNs:
To find the right VPN for your business or even personal use, you must first determine what
you need. The various types of VPNs include:

Figure 20 Types of VPNs
1. Remote access VPNs
Businesses utilize remote-access VPNs to create a secure connection between corporate
networks and personal or company devices used by remote employees. Once connected,
employees can access information on the company network in the same way they would
if their devices were physically plugged in on office premises.
2. Site-to-site VPNs
Site-to-site VPNs are ideal for enterprises and businesses. They provide the ability to
access and share information with a number of users based in several fixed locations.
Site-to-site VPNs are used in large-scale businesses where a multi-departmental
exchange of information needs to be carried out securely and continuously. Such VPNs
are not easily implemented and require a great deal of specialized equipment and
complex hardware and resources. These VPNs are custom-built and may not come with
the flexibility that commercial VPN services offer. Site-to-site VPNs include:

• Intranet-based site-to-site VPNs
An intranet-based site-to-site VPN connects an organization's own networks. For instance,
suppose a company has its headquarters in Germany and wants to set up an office in Australia.
Employees in both locations will want to collaborate during the process. So, a
site-to-site VPN will connect the German office local area networks (LANs) to the same wide
area network (WAN) as that of Australia, and share information securely. This is an
example of an intranet-based site-to-site VPN.
• Extranet-based site-to-site VPNs
Extranet-based VPNs serve as a connection between two intranets that need to be
connected but don't have a way of accessing each other. If two different companies
want to collaborate on a project, an extranet-based VPN will be used.
3. Client-based VPNs
Client-based VPNs allow users to be connected to a remote network through an
application/client that manages the connection and the communication process of the
VPN. For a safe connection, the software is launched and authenticated with a username
and password. An encrypted link is then established between the device and the remote
network.
Client-based VPNs allow users to connect their computers or mobile devices to a secure
network. This is a great option for employees who need to access their company's sensitive
information while working from home or a hotel.
4. Network-based VPNs
Network-based VPNs are virtual private networks that securely connect two networks
over an untrusted network. An IPsec-based WAN is an example of a network-based VPN.
In this VPN, all offices of a business are connected with IPsec tunnels on the Internet.
The three common types of network VPNs include:
• IPsec tunnels: This type of approach establishes a tunnel to exchange the data
between two networks in an encrypted form. IPsec tunnels can also be used to
encapsulate the traffic for a single device.
• Dynamic multipoint VPNs (DMVPN): This type of approach allows IPsec
point-to-point tunnels in a cloud of connected networks. DMVPN allows any two
networks to communicate directly across the DMVPN cloud.
• MPLS-based L3VPNs: Multiprotocol label switched (MPLS) networks allow
virtualization of networks so that users can share physical networks while staying
logically separate.

Access Control Lists (ACLs):
Access Control Lists (ACLs) are rule-based mechanisms that define who can access
specific network resources and how. They can be implemented on various network
devices like firewalls or routers. ACLs specify permitted or denied access based on
factors like user identity, IP address, device type, or application. This allows granular
control over network access, restricting unauthorized users or devices from accessing
sensitive resources.

These are just some of the many network security measures available. The specific tools
and techniques you use will depend on the size, complexity, and security needs of your
network. By implementing a combination of these measures and following security best
practices, you can significantly reduce your network's exposure to threats and
vulnerabilities.
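
How rule-based permit/deny decisions work in practice, as an added example that is not from the original text: a small evaluator contrasting a rule list that matches on source address only with one that also matches destination, protocol and port. It assumes first-match evaluation with a default deny when nothing matches (the behaviour of Cisco IOS-style ACLs, which the text does not spell out); all addresses and rules are constructed.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str                   # "permit" or "deny"
    src: str                      # source network (CIDR)
    dst: Optional[str] = None     # destination network (CIDR), optional
    proto: Optional[str] = None   # "tcp", "udp", ... optional
    dport: Optional[int] = None   # destination port, optional

    def matches(self, pkt):
        """A rule matches only if every field it specifies agrees with the packet."""
        if ipaddress.ip_address(pkt["src"]) not in ipaddress.ip_network(self.src):
            return False
        if self.dst and ipaddress.ip_address(pkt["dst"]) not in ipaddress.ip_network(self.dst):
            return False
        if self.proto and pkt["proto"] != self.proto:
            return False
        if self.dport is not None and pkt["dport"] != self.dport:
            return False
        return True


def evaluate(acl, pkt):
    """Assumed semantics: first matching rule wins, no match means deny."""
    for rule in acl:
        if rule.matches(pkt):
            return rule.action
    return "deny"


# Constructed rule sets. Order matters: the narrower deny precedes the broad permit.
SOURCE_ONLY = [Rule("deny", "10.1.9.0/24"), Rule("permit", "10.1.0.0/16")]
FULL_MATCH = [Rule("deny", "10.1.9.0/24"),
              Rule("permit", "10.1.0.0/16", "192.0.2.10/32", "tcp", 443)]

# Constructed packets.
WEB = {"src": "10.1.2.3", "dst": "192.0.2.10", "proto": "tcp", "dport": 443}
DB = {"src": "10.1.2.3", "dst": "192.0.2.20", "proto": "tcp", "dport": 3306}
GUEST = {"src": "10.1.9.7", "dst": "192.0.2.10", "proto": "tcp", "dport": 443}

if __name__ == "__main__":
    for name, pkt in (("web", WEB), ("db", DB), ("guest", GUEST)):
        print(name, evaluate(SOURCE_ONLY, pkt), evaluate(FULL_MATCH, pkt))
```

The source-only list lets the staff host reach the database as well as the web server; the list that also matches destination, protocol and port permits only the HTTPS flow.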

Figure 21 Access Control Lists (ACLs)

Types of Access Control Lists
There are two types of Access Control Lists:
1. Standard ACLs
Standard ACLs operate on the source IP address of the traffic. They are used to permit
or deny traffic based on the source IP address of the packet. Standard ACLs are
numbered from 1 to 99 and from 1300 to 1999.
2. Extended ACLs
Extended ACLs operate on the source and destination IP addresses, protocol, and port
numbers of the traffic. They are used to permit or deny traffic based on a combination