Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

WAN link security

Posted on 2014-10-10
1
212 Views
Last Modified: 2014-10-28
I am not from a network tech background, but from a risk angle I wanted your expert view on this. We have an application that is hosted by a 3rd party. The application isnt public facing, you need to be logged into our domain to access the system. I am trying to determine how safe the transfer of data to and from this system is. All the 3rd party have said is there is a "standard WAN link" in place between us and them (i.e. their app/database server). What are the best practices for security on "WAN link's". Are they by default secure, or if not what security do you need to make the link safe?

Technically what is the "link" (hardware wise).

Please keep answers management freindly low tech.

I presume I also need to research what "protocols" are used for client access to the application? My very novice view was - presumably the actual WAN link needs to be secure if data sent from client to server (within the application) is using a plain text protocol. Whereas if the protocol used in the system is secure/encrypted - then whether the WAN link is secure or not - the data would be difficult to intercept by a hacker. Or am I miles off the mark?
0
Comment
Question by:pma111
1 Comment
 
LVL 45

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 40373787
A standard WAN link could be anything.  I think what they mean though is that it's a standard internet connection.

However, you say that the application isn't public-facing and that you need to be logged into your domain to access the system.  That would imply that the application isn't on the public internet.

To give you a proper answer we need to understand what the WAN link actually is and how the 3rd party host the application.  There are too many unknowns to be accurate.

Saying that, I would guess that the application is hosted on the internet, but it's firewalled and only allowing connections from your WAN circuit's IP address or range.  That would make more sense.  Ask the 3rd party if this is the case - they should be able to confirm whether or not that is the case relatively easily.

Something else which would need to be known is how secure is traffic between client and server.  Is it encrypted using SSL, etc?  Again, they can tell you this.

1] If the circuit is just internet, and the app isn't firewalled AND data isn't encrypted, that's BAD.
2] If the circuit is just internet and the app isn't firewalled OR data isn't encrypted, that's BAD.
3] If the circuit is just internet and the app is firewalled AND data is encrypted, that's OK.

As an added bonus to the last point, if the circuit is a private WAN circuit between you and the 3rd party that's even better.  This would mean points 1 and 2 could be acceptable.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
route-map permit with a number 1 35
Review of a VPN cert policy 4 43
Router Question 12 54
what is mstp 6 31
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question