Protection of VPN concentrators through deception
Reading Time: < 1 | Published: May 27, 2020 in Attivo News
Tags: deception, Joe Weidner, threat detection, VPN
Given the rapidly increasing number of employees who work from home, VPN (virtual private network) infrastructures are particularly at risk.
…
The focus is on so-called VPN concentrators. A VPN concentrator is in the ‘middle’ of the network, i.e. at the hub; it concentrates VPN connections and forwards traffic. This is usually hardware for cryptographic processes that can bundle or serve a large number of VPN processes. As a result of the increase in VPN traffic in the corporate network as a whole, these systems are becoming increasingly stressed. In addition, there are insufficiently secure operating processes and internal company systems that create new targets.
Like any network infrastructure, a VPN is an attractive target for attackers, because such a ‘tunnel’ is a trustworthy way to get into the company network. If attackers compromise the VPN infrastructure, they could potentially access the internal network and management infrastructure. This includes important assets such as logging and even Active Directory.
Read the full article by Joe Weidner, Regional Director DACH at Attivo Networks, to learn how deception is an effective tool for threat detection when it comes to effectively detecting both normal and critical cyber threats in networks.
Share on:
Continue Reading
Free Active Directory Assessment
Get Visibility Into Privilege And Service Account Exposure
For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.
Try Our Endpoint Detection Net (EDN) for Free
FAST AND EASY
Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.
Newsletter Signup
ADSecure 90-Day Free Trial
GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY
- Hide and deny access to AD objects
- Get alerted on unauthorized queries
- Attack details easily viewable in dashboard
- Your data remains on-premise