session_09_vpn__ipsec__and_tls_101908

For the application server the proxy server is the

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: non-secure network and the SSL VPN proxy, and another connection between the SSL VPN proxy and the endpoint in the secure network. The proxy prevents users from making a direct connection into a secured network. A SSL VPN proxy acts as a server to the client and as a client to the server. • The SSL VPN ensures that authorized users have access only to specific resources, as allowed by the company security policy implemented by the SSL VPN proxy and integrated traffic management. • Proxy servers break the TCP/IP connection between client and server so the packet’s IP address is not forwarded. They eliminate the exposure of internal IP addressing details to the non-secure network by hiding the IP address of the endpoint on the secure network. Only the public IP address of the proxy server is visible from the non-secure network. • When an application client needs to connect to an application server, the client connects to a SOCKS proxy server. The proxy server connects to the application server on behalf of the client and relays data between the client and the application server. For the application server, the proxy server is the client. 49 VPN, IPSec and TLS SSL VPN Threats • User passwords may remain on public-computers after users log off. — User passwords are stored by the browser. • Sensitive data, such as browser cache entries, URL entries, cookies, and any historical information created during the session, may remain on public computers after users complete their SSL VPN sessions. • Downloaded files are stored in the public computer’s “Temporary Folder.” • Users forget to logout. — Next public computer user may have access to applications. • Worms and viruses may be transferred from the public computers to the corporate internal network. VPN IPsec IKE v2 TLS M. Mogollon – 01/08 - 50 • The following are considered threats to an SSL VPN: o Sensitive information may be left on computers at insecure locations. o User passwords may remain on public-computers aft...
View Full Document

Ask a homework question - tutors are online