Implementation tipsheet

1. Make sure the carrier has a variety of network options.

A virtual private network must work with whatever network connection your organization currently uses. This may be problematic because telecommunications service providers typically support only a narrow range of connectivity options. Most support dial-in access, many support low-speed dedicated connections, and a growing number have wide-scale support for broadband links. Before moving ahead with a deployment, you need to make sure your carrier can support your network configuration.

2. Keep the new network's overhead in check.

By adding more traffic and overhead (from the security functions) to your network, VPNs can create bottlenecks. When adding new VPN capabilities, you need to have strong network performance- monitoring tools, so you can see how well your network is functioning and identify places where upgrades may be needed.

3. Quarantine rogue devices.

Secure Sockets Layer (SSL) VPNs provide users with flexibility when accessing the agency network. In some cases, they may work from a kiosk, a home computer or a customer's system — any of which could be infected with a virus. Set up a special network segment for those users so you can identify problem data transfers and keep them from disrupting your network.

4. Know SSL's limitations.

Data transmitted using SSL is only secure on its way between the browser and the Web server. If that data is subsequently moved to another location, security may be compromised. If, for example, a Web-hosting company collects data via an SSL site, but then forwards it to you via e-mail, it may not be secure on the second part of the journey. So make sure information is locked down at all points along a connection.

Rising Stars

Meet 21 early-career leaders who are doing great things in federal IT.

Featured

  • SEC Chairman Jay Clayton

    SEC owns up to 2016 breach

    A key database of financial information was breached in 2016, possibly in support of insider trading, said the Securities and Exchange Commission.

  • Image from Shutterstock.com

    DOD looks to get aggressive about cloud adoption

    Defense leaders and Congress are looking to encourage more aggressive cloud policies and prod reluctant agencies to embrace experimentation and risk-taking.

  • Shutterstock / Pictofigo

    The next big thing in IT procurement

    Steve Kelman talks to the agencies that have embraced tech demos in their acquisition efforts -- and urges others in government to give it a try.

  • broken lock

    DHS bans Kaspersky from federal systems

    The Department of Homeland Security banned the Russian cybersecurity company Kaspersky Lab’s products from federal agencies in a new binding operational directive.

  • man planning layoffs

    USDA looks to cut CIOs as part of reorg

    The Department of Agriculture is looking to cut down on the number of agency CIOs in the name of efficiency and better communication across mission areas.

  • What's next for agency cyber efforts?

    Ninety days after the Trump administration's executive order, FCW sat down with agency cyber leaders to discuss what’s changing.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group