NTA Monitor secures VPN servers
NTA Monitor is releasing its VPN Fingerprinting tool (IKE Scan), which enables IT administrators to monitor their networks and identify any virtual private network (VPN) servers on them. The security auditing tool will allow users to take corrective action should they discover any VPN servers with known flaws.
IKE Scan uses transport characteristics of the Internet Key Exchange (IKE) service, the mechanism VPNs use to establish a connection between a server and a remote client. The tool sends specially crafted IKE packets to each network host and then monitors the packets these hosts retransmit. The retransmission responses are then matched against VPN product fingerprints.
As each vendor has a unique signature for its VPN products, IKE Scan can identify the manufacturer and its product and notify network administrators as to whether they are running the most up-to-date and secure software release.
IKE Scan can identify VPN products from the likes of Cisco, Nortel Networks, Check Point, Microsoft and WatchGuard.
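The retransmission matching described above can be sketched as follows. This is an added example, not NTA Monitor's code; the fingerprint names, backoff timings, tolerance and sample hosts are all constructed for illustration and are not real vendor signatures.

```python
# Added example: classify hosts by the timing of their IKE retransmissions.
# Fingerprint names and timings are constructed, not real vendor signatures.

FINGERPRINTS = {
    "example-vendor-A": [2.0, 2.0, 2.0],       # constant retransmit interval
    "example-vendor-B": [1.0, 2.0, 4.0, 8.0],  # exponential backoff
    "example-vendor-C": [5.0, 5.0, 10.0],
}

def backoff_intervals(timestamps):
    """Gaps (seconds) between successive response packets from one host."""
    ts = sorted(timestamps)
    return [round(b - a, 3) for a, b in zip(ts, ts[1:])]

def match_fingerprint(timestamps, fingerprints=FINGERPRINTS, tolerance=0.25):
    """Return sorted names of fingerprints whose pattern fits the observed gaps.

    A pattern fits when it has the same number of retransmissions as observed
    and every gap is within `tolerance` seconds of the expected one.
    """
    observed = backoff_intervals(timestamps)
    if not observed:
        return []  # a single response carries no timing pattern
    hits = []
    for name, pattern in fingerprints.items():
        if len(pattern) != len(observed):
            continue
        if all(abs(o - p) <= tolerance for o, p in zip(observed, pattern)):
            hits.append(name)
    return sorted(hits)

def audit(observations):
    """Map each host to its matched fingerprints, or ['unknown'] if none fit."""
    return {host: match_fingerprint(ts) or ["unknown"]
            for host, ts in observations.items()}

# Constructed capture: arrival times (seconds) of the first response and its
# retransmissions, per host (documentation addresses from 192.0.2.0/24).
SAMPLE = {
    "192.0.2.10": [0.02, 1.03, 3.01, 7.05, 15.02],
    "192.0.2.11": [0.05, 2.04, 4.06, 6.05],
    "192.0.2.12": [0.01],
    "192.0.2.13": [0.03, 3.0, 9.0],
}

if __name__ == "__main__":
    for host, result in audit(SAMPLE).items():
        print(host, result)
```

Hosts reported as `unknown` still answered IKE, so an administrator would treat them as VPN servers to be identified by other means.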
“VPNs have been assumed to be an invisible and secure method of communication between a server and a remote connection. But such thinking is naïve,” says Roy Hills, technical director, NTA Monitor.
“NTA Monitor’s IKE Scan tool shows that VPNs can not only be discovered but the manufacturer, and sometimes the version, can also be identified. Network administrators need to ensure that they are aware of VPNs configured within their network and ensure that they are using the latest secure software release,” he adds.