Link to home
Start Free TrialLog in
Avatar of jana
janaFlag for United States of America

asked on

Creating VPN Fortinet can be used to spy on or breach data

We have a user that their tech wants to creat a VPN Fortinet in his computer for the purpose of accessing the office server.  He usually used to use TeamViewer but this time the tech is gonna install some sort of VPN.  The concern the user has is his personal data in his computer if by creating the VPN it can have some sort of breach or that his activity can be monitor etc.  We have informed him that there is no way and the VPN is just to secure connection between his pc and the server (but since he has been reading all about these crybaby etc. and the tech of his office is outsource he wanted to be sure).  The said, is his concerned viable? What does setting a VPN between 2 computer technically consiste of?
SOLUTION
Avatar of Qlemo
Qlemo
Flag of Germany image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Avatar of Ashok Dewan
Ashok Dewan
Flag of India image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of jana
jana
Flag of United States of America image

ASKER

Understood, the conexión is protected from PC to server.  Is it possible the connection via fortinetclient permit the tech at the server see the user local like files, pix, etc.? (The user concern is if the remote tech can view his files since he is also a user at the server - in other words if the user leaves the PC unattended, can the tech at the server access or view the local files of the PC?)
Avatar of Qlemo
Qlemo
Flag of Germany image
The tech would need to have either admin access on the local machine, or know the (local!) account password. As it seems, there is nothing common in regard of accounts, and the tech can't gain access without performing active hacking.
Avatar of jana
jana
Flag of United States of America image

ASKER

The tech doesn’t have the password.  

So to understand, if the tech has the users password he can navigate to his local PC even though apps that the tech installed is a fortinet client to setup a VPN for the user to connect to the server?

Correct?
SOLUTION
Avatar of Ashok Dewan
Ashok Dewan
Flag of India image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Qlemo
Qlemo
Flag of Germany image
It is indeed as simple as this: If the PC would be directly connected to the network, which privileges had the tech? With a VPN it is slightly different (more difficult) for the tech to try the same access.
So, if the tech does not have passwords, all they can get is what is sent over via VPN, and that means they might see some DNS queries if they try.
Avatar of jana
jana
Flag of United States of America image

ASKER

I thought that when one installed a  VPN, like the user FortiClient VPN, the purpose of the connection was one-way, that is the user PC to the server.  Based on what has been said here, if the tech has the user/password of the user he can connect from the server to the user computer.
Avatar of jana
jana
Flag of United States of America image

ASKER

Sorry what I meant was if connecting to a server using a VPN, then the “server” can have access to the connected computer (as long as it has the counters users/password)? (In other works reverse access since the purpose is to “PC >> Server” not “Server >>> PC” )
ASKER CERTIFIED SOLUTION
Avatar of Qlemo
Qlemo
Flag of Germany image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of jana
jana
Flag of United States of America image

ASKER

Thank you very much! We are well instructed!