1. Target Environment
1) Overview: The customer is an advertising company with more than 300 employees, who belong to department A, department B and the headquarters respectively. Due to rapid business development in recent years, branch offices have been established in many large and medium-sized cities in China.
2) IT environment: Because of its business processing needs, the customer's IT architecture is built mainly on Microsoft products, with a small number of products and solutions from other vendors. The customer's network is divided into simple CIDR blocks based on the user's department, while remote branches and users on business trips connect to the enterprise's internal network over the Internet using VPN. To enhance information exchange between the enterprise and the outside world, the enterprise has established a small internal data center that provides Web access and email services to internal and external users.
3) Figure 1: Brief view of the customer's internal network topology and main challenges
2. Problems
After the enterprise's internal network was put into use, information sharing among departments and employees improved greatly, and business collaboration also improved significantly. However, the enterprise also found many problems in use that have a considerable impact on its business:
1) The current VPN solution is inconvenient to use: The enterprise currently provides VPN services for remote branches and mobile users on business trips, using a VPN device from a well-known network equipment manufacturer. Due to its own defects, the VPN solution cannot be integrated with Active Directory, the user management solution used in the enterprise's internal network. As a result, VPN users must remember a separate username and password pair for the VPN, which makes the service more complicated to use. In addition, enterprise network administrators cannot directly apply existing network security policies to VPN services. They must maintain a separate security policy.
2) Frequent hacker attacks on the servers in the enterprise data center: Regular security audits of the enterprise data center have found that the servers placed there have suffered various hacker attacks. Among them, the Web server suffered the most attacks, and there were several successful intrusions. The mail server also recorded an astonishing number of attacks.
3) Frequent malware infections within the enterprise's internal network: Users of the internal network have weak security awareness, and there is a lack of effective measures to intercept harmful data access. As a result, enterprise network administrators have to deal with multiple malware incidents every week caused by insecure Internet usage, which significantly increases the workload of the IT department.
3. Security Requirements
To overcome the many problems it encounters when using its IT facilities, the enterprise plans to deploy a border security solution to enhance the defense capability of its existing IT facilities against external threats. The solution is required to meet the following requirements:
1) Integrates VPN functions and provides user verification and management functions that are compatible with the existing management solutions of the enterprise's internal network;
2) Effectively defends the internal network against attacks from various external threats, especially protecting the servers in the enterprise data center from hacker attacks;
3) Can effectively intercept various malicious data on the internal network of the enterprise;
4) Provided the preceding three requirements are met, the deployment, management, and maintenance of the solution should be as simple as possible to reduce the maintenance cost and workload of the enterprise IT department.