Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

WAN link security

Posted on 2014-10-10
1
Medium Priority
?
219 Views
Last Modified: 2014-10-28
I am not from a network tech background, but from a risk angle I wanted your expert view on this. We have an application that is hosted by a 3rd party. The application isnt public facing, you need to be logged into our domain to access the system. I am trying to determine how safe the transfer of data to and from this system is. All the 3rd party have said is there is a "standard WAN link" in place between us and them (i.e. their app/database server). What are the best practices for security on "WAN link's". Are they by default secure, or if not what security do you need to make the link safe?

Technically what is the "link" (hardware wise).

Please keep answers management freindly low tech.

I presume I also need to research what "protocols" are used for client access to the application? My very novice view was - presumably the actual WAN link needs to be secure if data sent from client to server (within the application) is using a plain text protocol. Whereas if the protocol used in the system is secure/encrypted - then whether the WAN link is secure or not - the data would be difficult to intercept by a hacker. Or am I miles off the mark?
0
Comment
Question by:pma111
1 Comment
 
LVL 47

Accepted Solution

by:
Craig Beck earned 2000 total points
ID: 40373787
A standard WAN link could be anything.  I think what they mean though is that it's a standard internet connection.

However, you say that the application isn't public-facing and that you need to be logged into your domain to access the system.  That would imply that the application isn't on the public internet.

To give you a proper answer we need to understand what the WAN link actually is and how the 3rd party host the application.  There are too many unknowns to be accurate.

Saying that, I would guess that the application is hosted on the internet, but it's firewalled and only allowing connections from your WAN circuit's IP address or range.  That would make more sense.  Ask the 3rd party if this is the case - they should be able to confirm whether or not that is the case relatively easily.

Something else which would need to be known is how secure is traffic between client and server.  Is it encrypted using SSL, etc?  Again, they can tell you this.

1] If the circuit is just internet, and the app isn't firewalled AND data isn't encrypted, that's BAD.
2] If the circuit is just internet and the app isn't firewalled OR data isn't encrypted, that's BAD.
3] If the circuit is just internet and the app is firewalled AND data is encrypted, that's OK.

As an added bonus to the last point, if the circuit is a private WAN circuit between you and the 3rd party that's even better.  This would mean points 1 and 2 could be acceptable.
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
How to fix a SonicWall Gateway Anti-Virus firewall blocking automatic updates to apps like Windows, Adobe, Symantec, etc.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question