What To Look For With VPN Encryption

What To Look For With VPN Encryption | Chicago IT | Equilibrium IT | EQInc.comI recently read how one of the U.S.'s "Three Letter Agencies" has the ability to intercept IPSEC VPN traffic for analysis. After digging in further, I came across an interesting bit of information.





High Assurance Internet Protocol Encryptor

I read that the NSA uses a VPN-like technology known as High Assurance Internet Protocol Encryptor (HAIPE) instead of the traditional VPN for encryption between sites. While it is likely for heightened security purposes, it goes to show that the U.S. Government is taking steps to create stronger communication encryption technologies.

Some of the most common types of VPN technologies are IPSEC and SSL. Some features of each family of technology are stronger than others. There are many security protocols which have been depreciated due to weak security such as PPTP.


Many of these technologies falter in the ability to provide advanced Authentication, Authorization and Auditing mechanisms (AAA). Others provide the ability to use multi-factor authentication for connecting clients. Microsoft offers the ability to use its Network Policy Server (NPS) in conjunction with first-party and third-party Remote Access Services to accomplish these goals.

This allows the ability for the administrator to require certain conditions of a client before granting access. These conditions can include AD group membership, time of day or ensuring the connecting client system meets a requirement such as patch levels and/or AV definitions.

Some inexpensive remote access offerings provide consumers with the ability to securely access their PC’s from remote locations (ex: GoToMyPC). These solutions are typically discouraged or prohibited in corporate IT policies.

Equilibrium's security and network teams are experts in encryption, firewalls, site-to-site communications and secure remote access including NPS. We reference the NIST hardening standards for all network designs and implementations.

Would you like help verifying your communications are secure? Let's Talk.

Author: Chad Akileh

Equilibrium IT Solutions, Inc.
Chicago, IL
Security Practice

Follow EQ:

EQ Linked-In | Security | Chicago IT | Equilibrium IT | EQInc.com  EQ Facebook | Security | Chicago IT | Equilibrium IT | EQInc.com  EQ Google+ | Security | Chicago IT | Equilibrium IT | EQInc.com  EQ Twitter | Security | Chicago IT | Equilibrium IT | EQInc.com


Questions?  Call us today in Chicago at 773-205-0200 | Email us at  | Request a FREE Consultation


Contact Us

Call today! 773.205.0200 or use the form below.