Solved

WAN link security

Posted on 2014-10-10
1
192 Views
Last Modified: 2014-10-28
I am not from a network tech background, but from a risk angle I wanted your expert view on this. We have an application that is hosted by a 3rd party. The application isnt public facing, you need to be logged into our domain to access the system. I am trying to determine how safe the transfer of data to and from this system is. All the 3rd party have said is there is a "standard WAN link" in place between us and them (i.e. their app/database server). What are the best practices for security on "WAN link's". Are they by default secure, or if not what security do you need to make the link safe?

Technically what is the "link" (hardware wise).

Please keep answers management freindly low tech.

I presume I also need to research what "protocols" are used for client access to the application? My very novice view was - presumably the actual WAN link needs to be secure if data sent from client to server (within the application) is using a plain text protocol. Whereas if the protocol used in the system is secure/encrypted - then whether the WAN link is secure or not - the data would be difficult to intercept by a hacker. Or am I miles off the mark?
0
Comment
Question by:pma111
1 Comment
 
LVL 45

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 40373787
A standard WAN link could be anything.  I think what they mean though is that it's a standard internet connection.

However, you say that the application isn't public-facing and that you need to be logged into your domain to access the system.  That would imply that the application isn't on the public internet.

To give you a proper answer we need to understand what the WAN link actually is and how the 3rd party host the application.  There are too many unknowns to be accurate.

Saying that, I would guess that the application is hosted on the internet, but it's firewalled and only allowing connections from your WAN circuit's IP address or range.  That would make more sense.  Ask the 3rd party if this is the case - they should be able to confirm whether or not that is the case relatively easily.

Something else which would need to be known is how secure is traffic between client and server.  Is it encrypted using SSL, etc?  Again, they can tell you this.

1] If the circuit is just internet, and the app isn't firewalled AND data isn't encrypted, that's BAD.
2] If the circuit is just internet and the app isn't firewalled OR data isn't encrypted, that's BAD.
3] If the circuit is just internet and the app is firewalled AND data is encrypted, that's OK.

As an added bonus to the last point, if the circuit is a private WAN circuit between you and the 3rd party that's even better.  This would mean points 1 and 2 could be acceptable.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now