Introduction
The need to have an enhanced security of the computer connectivity happens to be one of the reasons that attract companies and organizations towards wide usage of VPNs. Several simple techniques could be used in intercepting the movement of data from one point to another across a given network. VPNs normally utilize protocols of advanced encryption as well as securing techniques of tunneling with the aim of encapsulating various transfers of online data. The exponential growth that has been experienced concerning the internet connectivity over the last couple of years has resulted in a considerable number of people engaging in operations and economic activities that are supported by the presence of internet connectivity. The role played by a firewall in computing is to enforce a set of requirements concerning the kind of data packets that should be permitted to leave or enter a given network. The incorporation of a firewall in a various network devices serves as a mechanism through which networked devices can filter network traffic and reduce the risks associated with the movement of malicious packets through multiple channels of public and private internet (Savarnejad, 2015). Firewalls are also available in the form of stand-alone applications of computer software. Firewall is usually responsible for the provision of a barrier that limits the chances of damages that may result from attacks from internal or external cyber-attack. Firewalls can provide low-level protection against attacks on the network in addition to crucial auditing and logging functions.
Description of Firewalls
In computing terms, firewall refers to a system of network security that is concerned with the control and monitoring of the outgoing and incoming network traffic concerning security settings that are predetermined. Firewalls could be broadly classified into two main categories namely network-based firewalls and host-based firewalls. However, several different types of firewalls are usually available in different areas of computing with the objective of controlling and monitoring different activities. The installation of host-based firewalls is commonly done on individual servers, and its responsibility is to monitor both outgoing and incoming signals for any associated security risk (Suzan, 2014). A network-based may be installed into a cloud's infrastructure or can be used in the provision of firewall service. Other types of firewalls include proxy firewalls, packet-filtering firewalls, stateful inspection firewalls as well as next-generation firewalls among others. A packet-filtering firewall plays the role of examining packets that are in isolation without the knowledge of the packet's context. A stateful inspection firewall is involved in the examination of network traffic with the objective of determining whether a relationship exists between different packets (Smith, 2015).
Delegate your assignment to our experts and they will do the rest.
Leavitt (2014) indicates that a proxy firewall plays the role of inspecting packets that exist at the layer of application known as Open Systems Interconnection (OSI) reference model. A next-generation firewall employs a multilayered technique towards the integration of enterprise firewall capabilities that operate using an application control and intrusion prevention system (IPS) (Mohanty, 2012). Before the emergence of the initial firewalls first firewalls towards the end of the nineteenth century, the only existing form of ensuring the provision of security for networks was possible through access control lists (ACLs) which was available on routers. ACLs was able to make specifications regarding the kind of Internet Protocol (IP) addresses that would be denied or granted were granted or denied access to a computer network. This implies that there was a lot that needed to be done concerning the manner in which IP address was filtering network traffic. Static packet-filtering firewalls are responsible for the examination of packet headers and often use predetermined guidelines in making decisions regarding the traffics that ought to be allowed and the ones to be denied (Heling, 2013).
Description of Virtual Private Network (VPN)
A Virtual Private Network (VPN) is a system that is concerned with the extension of a private network to be included in a public network as well as enabling users to receive and send data across public or shared networks. In this regard, the sharing of data happens as if different computing devices have direct connections with a private network. The explanation by Savarnejad (2015) describes a virtual private network as a technique of connection that is used in reinforcing the privacy and security of both public and private networks such as the internet and WiFi Hotspots. Virtual Private Networks are often used in supporting operations by corporations with the objective of protecting sensitive data and information. However, the use of a personal VPN in the last couple of years has increasingly become popular. It is important to note that a Virtual Private Network enhances privacy since the initial IP address belonging to a user becomes replaced using a different one obtained from a Virtual Private Network provider. Moreover, subscribers are capable of obtaining an IP address from any one of the gateway cities offered by a Virtual Private Network service provider.
Virtual Private Network Security
Most savvy users of computer and other computing devices would not prefer to connect their devices to the internet without paying attention to the existence of a firewall as well as an updated antivirus. The kind of evolutions that have been experienced in the area of security threats in the world of computing as well as the ever-growing reliance on internet connectivity has increased the importance attached to the need to have a Virtual Private Network as a security measure. Integrity checks are supposed to make sure that there is the absence of data loss and connections are not hijacked at any point in time. This is because all traffic is expected to be managed under a secure mechanism where Virtual Private Networks are more preferable compared to proxies (AlDosari, 2017).
Technology Involved in Virtual Private Network
The technologies used in VPN where Windows 2000 Server and Windows Server 2003 are involved include IPsec/ L2TP servers. TLS and SSL protocol is also used in ensuring the security of flow of data through the OSI model. Manufacturers or users usually implement the technologies that support the existence and operation of VPN. One of such technologies is IPsec having encryption in either transport or tunnel modes. Manual process or IKE certificates can be used in setting up a security association concerning Virtual Private Network (Gula, 2011). The description of IPsec L2TP is associated with considerable deployment for remote access to secure Virtual Private Networks. The technologies involved in VPNs have been subjected to standardization concerning the IETF. IPsec refers to a suite of protocols with the ability to facilitate the encryption and authentication of various IP packets within a given session of communication (Hong, 2012). Further, IP security is usually involved in the provision of a mechanism that ensures the existence of a mutual system of authentication in the course of building a given communication session. IPsec involves an end-to-end scheme of security whose operation and function happen within an internet protocol suite. This is an implication that IP security can be used in in the protection of data in different models applied in the architectures of VPN.
Technology Involved in Firewall
The technologies employed in firewalls include packet filters which are responsible for the screening of all network traffic present within the transport and network layers of the IP/TCP packet. This implies that packet filters are core concerned with the examination of the origin and destination of protocol number, IP address as well as the destination and source port numbers for the case of UDP and TCP. The mounting of packet filtering mechanisms happens in some UNIX kernels and routers. Since routers are required in facilitating the connection into different networks, the packet filter technology uses minimal costs (Heling, 2013). This technology also requires considerably little processing power and additional memory thus making it suitable for adoption by low-end routers in handling moderate loads. A circuit-level gateway is another technology used by the firewall. The operation of this technology takes place within the session layer around the OSI model (Networking, Security, and the Firewall, 2016). This indicates that extra information may be needed before the acceptance or denial of packets. The determination of accessibility is usually dependent on DNS domain name, address and directory username. Additionally, the installation of specialized client software is usually carried out in different workstations making it possible for circuit-level gateways to play the role of bridging various network protocols such as IP and IPX (Smith, 2015).
Threats against Firewall
Hackers have been able to devise some sophisticated levels of an attack whose main objective is to circumvent the policies that were previously enforced to offer guidance to perimeter firewalls concerning access requirements and conditions. In modern times, hackers usually go beyond searching and looking for ports that are left open on firewalls hoping to access networks. Part of the threats that are posed by hackers operating in modern-day internet environment is associated with attacks that focus on the exploitation of the application vulnerabilities that are known (Gula, 2011). Moreover, such hackers are particularly interested in services such as HTTPS (TCP Port 443) and HTTP (TCP Port 80). These services are usually available and open in several networks and control devices are unable to detect or identify malicious exploits that may have been aimed or directed towards them. Another common threat concerning the modern-day attack against VPN is the man-in-the-middle attack. This kind of attack usually takes place whenever people gain access to wired or wireless WAN/LAN (Networking, Security, and the Firewall, 2016). In this respect, the insider access increases the possibility of snooping on the connectivity making it possible to gather data and information regarding connection setup as well as the credentials of the users that generally aid the attack operations and processes. Listening to or gaining physical access to the Virtual Private Network-enabled device also forms part of a potential attack on connectivity. Such an attack could happen in a situation where there a loss of computer or a computing mobile devise together with credential thereby making it easier for the hacker gain access without using a password (Savarnejad, 2015).
Global implications
The several attacks that are presently experienced against firewalls and VPNs are associated with severe global consequences. This is because such attacks could be equated to attacks on global privacy. The current status of hacking operations and threats have raised a lot of concerns regarding computing and digital security and privacy (Leavitt, 2014). The global scene of digital and computing security has seen experienced actions by Russia and China to block services associated with Virtual Private Networks. As a result of such actions, a multitude of people is faced with the risk of losing one of their best opportunities to circumvent laws and regulations associated with censorship. China has gone to the extent of requiring companies dealing with telecommunication and digital transmission of information and data to ensure that users are blocked from accessing Virtual Private Networks that have failed to comply with government policies and regulations (Gula, 2011). Besides, recent developments in the global arena saw the Russian head of state signing a law whose sole objective was banning the use of Virtual Private Networks among several other non-authentic browsing applications that do not comply with safety and privacy requirements.
Future trends
The future of attacks against Virtual Private Networks and Firewalls is likely to be characterized by trends described by complexities if nothing substantive is developed as a solution to the presently existing risks and threats of attack. According to the views by AlDosari (2017), the future of attacks against Virtual Private Networks and Firewalls is likely to be influenced by several applications that are likely to be developed. The internet security system expected to be developed in trying to counter the threats against Virtual Private Networks and Firewalls will be operating in a manner that is similar to an immune system where the internet will be expected to develop a mechanism with the ability detect and counter impending threats. Several security developments are also likely to take place in the future concerning effective protection against sophisticated attacks against firewalls and VPNs that might be experienced (Hong, 2012).
Conclusion
In summing up, it is noteworthy that the modern-day computing environment has presented numerous threats against the efficient and effective functioning of firewalls and VPNs. Mostly, the technologies involved in both firewalls and Virtual Private Networks have somehow given rise to the sophisticated development level of attacks by hackers. While firewall focuses on the protection of data contained within a computer, the focus of a Virtual Private Network is to ensure the protection of data within a web network. Besides, there have been several concerns at a global level concerning the digital security that revolves around the operation and functionality of VPNs and firewalls.
References
AlDosari, F. (2017). Security and Privacy Challenges in Cyber-Physical Systems. Journal Of Information Security , 08 (04), 285-295. doi: 10.4236/jis.2017.84019
Gula, R. (2011). Correlating IDS Alerts with Vulnerability Information, Tenable Network Security. Network Security , (3), 9. http://www.tenablesecurity.com
Heling, J. (2013). Balancing Detection and Prevention in the Deployment of Network Intrusion Technology. Managed Network Security , 31 (7), 135-223.
doi:310.6509/mr.2062.524
Hong, L. (2012). Cyber-Physical-Social Based Security Architecture for the Future Internet of Things. Advances in Internet of Things , 2 (1), 131-187. doi: 10.4236/ait.2012.21001
Leavitt, N. (2014). Internet Security under Attack: The Undermining of Digital Certificates. Computer , 44 (12), 17-20. doi: 10.1109/mc.2011.367
Mohanty, I. (2012). Information Retrieval from Internet Applications for Digital Forensic International Journal Of Security, Privacy And Trust Management , 1 (3), 15-30. doi: 10.5121/ijsptm.2012.1302
Networking, Security, and the Firewall. (2016). Configuring Sonicwall Firewalls , 1-50. doi: 10.1016/b978-159749250-8/50005-8
Savarnejad, A. (2015). Intranet firewalls susceptible to internal attacks. Network Security , 1997 (2), 7. doi: 10.1016/s1353-4858(97)86648-2
Smith, C. (2015). IPsec’s role in Network Security: Past, Present, Future. Journal Of Information Security , 12 (6), 143-176. doi: 10.92346/.6615.8654
Suzan, B. (2014). Conventional and Improved Digital Signature Scheme: A Comparative Study. Journal of Information Security , 4 (1), 34-43. doi: 10.4236/jis.2015.61007
