<Back
Why does a VPN business need?

VPN, VPN, VPN ... This is the word that regularly appears at the time of blocking some social network, messenger or other foreign service.


But in fact, a VPN is not only a tool for accessing prohibited resources.


Issue


Imagine that you are the owner of the company LLC "Chudokorp". The company has servers with a website and a CRM system. The site has its own admin panel through which you can edit content - CMS.


Let these resources be available at the following addresses cms.chudocorp.com and crm.chudocorp.ru accordingly.


An impressive number of companies place their cloud resources on the general Internet. This means that they can be accessed from anywhere in the world and from any network, just enter the link in the browser. This is an erroneous policy that can lead to hacking and subsequent data leakage. For example, you can hack vulnerable services on the server and gain access to it, or you can, by brute-force credentials, gain access to the services themselves, especially if there is no protection against this. Most of us keep lists of customers, suppliers and other important information in CRM.


One of the ways to fix this problem is to make access to corporate services from certain IP addresses. This will solve the problem if you and your employees work from a network with "white" IP addresses and never connect to corporate resources outside the office. As you may have guessed, this is an inflexible solution. Let's upgrade it with a VPN.


Our task will look like this: "We want access to the cloud resources of Chudokorp to be closed to the entire Internet, except for the company's employees."


Solving


Here is the definition of VPN from Wiki:

VPN (Virtual Private Network) — a generic name for technologies that allow providing one or more network connections over another network, such as the Internet.


VPN has many purposes. In this article we will consider Remote-access assignment.


Remote-access is when a VPN is used to create a secure channel between corporate network resources and a single user who, working outside the office, connects to corporate resources from a home computer, corporate laptop, smartphone or other device connected to the network.


What does the scheme of working through a VPN look like:


The image suggests that access to corporate tools is only possible via VPN, all other connections will be rejected. The VPN connection is made using credentials or a certificate, which are quite difficult to crack.


In the image above, the VPN is designated as a separate remote server, but it can be embedded directly into the local network of the enterprise, or on a separate server with a corporate resource. There are many options, each is selected for a specific task.


Where to get a VPN service?


On this issue, the only recommendation is to deploy your own VPN server. There are wonderful and reliable open source solutions that will not require you to make additional investments to purchase a license.



You should not buy subscriptions to third-party VPN services, much less use free ones, for at least 3 reasons:

  1. the speed will not please you;
  2. VPN provider will be able to monitor your traffic;
  3.  you will still not have control over the situation and flexibility.


To raise and configure a VPN is a simple task for an IT specialist, which does not take much time.


Conslusion


Our solution with access from certain IP addresses now looks like this: Instead of adding new IP addresses each time and depending on a static IP address, it is enough to allow access to the IP address of the VPN server to which you and your employees will connect to work with corporate resources.


I note that this is the most primitive solution head-on, but it copes well with its task.


Alternatively, if you have a large local enterprise network consisting of various resources, then a VPN server is created in it, to which you can connect from an external Internet network, and after connecting, the user gets access to local corporate resources.


Write to me, always ready to help with questions related to IT development and information security.

Hashtags:
#networks
#vpn
Share:

Lates

About graphs, simply.

In this article, we will begin our acquaintance with graphs, get acquainted with the breadth-first search algorithm (BFS) and implement the graph in the Rust programming language.

#graphs
#rust
#algorithms

What is the difference between outsourcing development and outstaffing an IT employee for development?

In this article we will understand what outsourcing and outstaff development are.

#developmentprocess

Meet the Pentest

We are beginning to consider one of the main methods of assessing the security of computer systems and networks for potential vulnerabilities - penetration testing

#pentest

Reducing the implementation period of MVP

Let's figure out the timing of the implementation of the MVP.

#developmentprocess

Testing an MVP concept

We will figure out how not to waste the budget on MVP development in vain

#developmentprocess

Incorrect estimation of the cost of IT contractor services

Today we will talk about the incorrect assessment of the cost of developing IT solutions. This pain is one of the main ones for enterprises and startups, including IT contractors themselves.

#consultin

Introduction to Design Patterns in Software Development

In this article, we will begin to dive into the world of optimizing application architecture using design patterns.

#designpatterns

OSI Model Levels

In this article, we will take a closer look at each of the levels of the OSI model

#networks
#osi

Documenting code in the Rust programming language

In this article, we will look at how documentation takes place in Rust and consider a very useful opportunity - writing tests through documentation.

#rust

Introduction to the OSI model

In this article we begin to consider the fundamental model of network interaction - OSI

#networks

CSS animation ripple

A simple example of how to implement ripple animation using HTML and CSS

#css

From concept to MVP

In this article, you will learn, by example, how to move from a concept to an MVP without unnecessary complications in the functionality of the product

#developmentprocess

Introduction to writing the terms of references

The Terms of Reference are an important part of the development process. In this article, we will begin to dive into this issue.

#developmentprocess

Introduction to software development

Today, most companies are faced with IT development and often do not get what they want. In this article, we begin to dive into the process of creating IT solutions.

#developmentprocess

From idea to concept

In this publication, we will talk about how the idea differs from the concept. Let's do this with an example of a specific goal

#developmentprocess

Weighted graphs

In this article, we will get acquainted with weighted graphs, Dijkstra's algorithm, and its implementation in the Rust programming language.

#algorithms
#graphs