Recording Remote Vendor Access - SSL VPN Gateway Sessions

Published by Amy Marion
In the following article, I will demonstrate how to record remote-access VPN gateway sessions. In this deployment, all secure remote access sessions are routed through one or more central remote access gateways, with secondary remote desktop sessions serving as the method to access internal Windows or UNIX servers. All gateway sessions are fully audited and recorded. This recorded session allows auditors and IT managers to have a full visual audit trail of all connections; identify the source of each connection; and view a step-by-step replay of the actions taken and applications accessed on these machines.

Published by: Amy Marion on Dec 15, 2011
Copyright: Attribution Non-commercial

Remote Vendor Monitoring
Recording Secure Remote Access SSL VPN Gateway Sessions
An ObserveIT Whitepaper
Daniel Petri
March 2008
© Copyright 2008 ObserveIT Ltd.
 
Whitepaper: Remote Vendor Monitoring, www.observeit-sys.com
Table of Contents

Executive Summary
The Need for Centralized Remote Access
Establishing Remote Connections
Securing the Remote Access Sessions
Protecting the Internal Network
Using Microsoft TS Gateway
Monitoring User Activity
Real Time Monitoring and Integration with Management Tools
User Identification
Conclusion
Benefits of this solution include:
About ObserveIT

Executive Summary
In the following article, I will demonstrate how to record Secure Remote Access SSL VPN Gateway sessions, using Terminal Services/ in conjunction with ObserveIT. In this deployment, all secure remote access SSL VPN sessions are routed through one or more central remote access gateways, with secondary remote desktop sessions serving as the method to access internal Windows or UNIX servers and other network devices. All sessions through the Secure Remote Access SSL VPN Gateway are fully audited and recorded. This recorded session allows auditors and IT managers to have a full visual audit trail of all secure remote access SSL VPN connections; identify the source of each secured remote access connection; and view a step-by-step replay of the actions taken and applications accessed on these machines.

This whitepaper covers the following topics:

1. Setting up a Windows Terminal Gateway Server
2. Secure communication to the Gateway using SSL VPN Gateway
3. Audit, Alert and Replay all Recorded Sessions performed on the Gateways

The Need for Centralized Remote Access
In today's complex network and IT environments, more and more people need access to corporate servers, applications, databases and management tools. While trying to minimize human intervention with these critical services, IT managers need to consider how to allow the remote access and management of these services: who to allow access; how to secure and audit access; how to record all actions that are performed on these servers.

The continuous need to control budgets by decreasing operational costs and maintenance fees has led many large and medium corporations to using external consultants and outsourcing services while minimizing internal IT departments.

Establishing Remote Connections
In order to mitigate this risk, a leading approach to enabling remote connections is to create a secure remote access deployment, in which all remote connections go through one or more terminal or Citrix gateway servers. All vendors and remote administrators will initiate a remote desktop RDP/ICA session to these servers, where they will be authenticated and, if authorized, granted access to either the entire desktop, or to a subset of published applications that are to be used for management purposes.

The first component of such a solution is the actual remote access mechanism. Here, we have a few options to consider. The decision on what remote access solution to choose is closely related to security concerns, corporate policy, budget and number of concurrent connections.

Using regular RDP connections from the external world through your corporate firewall is probably the easiest option to deploy. However, it is also the least secure method when compared to the other options. RDP packets travel across the Internet as regular packets, and unless the built-in encryption capabilities of Terminal Server are also employed, this will not provide adequate security for the connection. Furthermore, unless using some sort of remote access control mechanism (such as a firewall that has authentication capabilities), the only barrier that will prevent a malicious user from entering the network is the Terminal Server Windows authentication prompt.

Securing the Remote Access Sessions
In order to add an additional layer of security to such connections, we will need to deploy some sort of remote access solution prior to the actual connection to the Terminal Server itself. Options for securing remote access include:

- IPSec, L2TP or PPTP-based VPN connections through Microsoft Windows Server 2003/2008 RRAS, by using Microsoft ISA Server, or by using leading 3rd-party solutions from vendors such as Cisco and Check Point
- SSL VPN connections by using appliances such as Juniper SSL VPN, Cisco SSL VPN, Check Point Connectra and others, or by using Microsoft Windows Server 2008 SSTP
- Microsoft Windows Server 2008 TS Gateway connections

The benefits of using VPN-type remote access include the fact that the connection is strongly encrypted, adding extra security encapsulation to each packet. A VPN also protects against unauthorized access: before gaining access to the actual remote management gateway, users are forced to authenticate themselves with their credentials or token, and only then are they granted access to the gateway. On the other hand, in most VPN products, an additional cost is
