I
I
Innokenty Volnin2018-02-16 11:34:42
Information Security
Innokenty Volnin, 2018-02-16 11:34:42

How to raise and basicly protect a corporate network?

Given a wi-fi router with a wire directly to the provider, a dozen laptops, a corporate resource (located on a server at the left supplier), some employees work from home. The authorities got wind of the fact that we do not have corporate security (you can listen to traffic) and want to protect themselves from this.
How to encrypt traffic to a corporate resource so that logins and passwords are not listened to, including from those working from home? What equipment is required to organize it correctly? Time endures, but for me, enikeya, a valuable experience in terms of learning.

Answer the question

In order to leave comments, you need to log in

6 answer(s)
K
Konstantin Malyarov, 2018-02-16
@Konstantin18ko

Get a VPN. Access to the resource only from the addresses 192.168.*.* or 10.10.*.*, that is, from the local network.
All external traffic only through the VPN tunnel.
All internal traffic over the local network, no tunnels.

V
vreitech, 2018-02-16
@fzfx

negotiate with a corporate resource so that it gives access to itself only via an encrypted VPN connection. set up this connection. equipment depends on what you agree with the corporate resource, in general, in the minimum version, only software is enough.

A
Antonio Solo, 2018-02-16
@solotony

How to encrypt traffic to a corporate resource,

corporate resource is a "website"? then primitive https will save your company from traffic interception, and the authorities from a premature heart attack.

S
Stanislav Bodrov, 2018-02-16
@jenki

The main thing is that the control panel of this router does not stick out and the passwords to the admin panel are not default.

V
Valentin, 2018-02-16
@vvpoloskin

  1. GRE+IPSec to remote resource
    These are the basic steps. But in general, usually information security employees provide a security policy, and the infrastructure is brought to the requirements in accordance with it. there is no corporate security - this is not a policy, so you can even say about the network of any bank.

I
Ilya bow, 2018-02-19
@8889996

And why the hell do you have logins and passwords that are not transmitted over encrypted channels?
Most software is encrypted by default.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question