Optimizing VPNs for security: 5 key tasks

As the need to support remote workers becomes long-term, it's wise to check your VPN configuration to minimize vulnerabilities.

VPN security vulnerabilities  >  VPN alert / warning / network servers
Funtap / 200Degrees / Getty Images

It appears that companies will need to support and protect work-from-home employees for a prolonged period of time. Maybe it’s time to review that virtual private network (VPN) you set up for vulnerabilities. Recently the National Security Agency released its Securing IPsec Virtual Private Networks document, which discusses the regular tasks you should do to keep your network secure: 

  • Reduce the VPN gateway attack surface
  • Verify that cryptographic algorithms are Committee on National Security Systems Policy (CNSSP) 15-compliant
  • Avoid using default VPN settings
  • Remove unused or non-compliant cryptography suites
  • Apply vendor-provided updates (patches) for VPN gateways and clients

Let’s take a deeper look at these and other tasks you can do to lock down your VPN connections:

Use the current version of your VPN software

To continue reading this article register now

Make your voice heard. Share your experience in CSO's Security Priorities Study.