I have recently started a new job and I am just looking at the existing infrastructure and listing areas that I think should be changed or improved. There appears to be a few !!
The first thing I've noticed is that we are currently using a PPTP VPN connection which is set up on a RAS server. From what I know, PPTP is no longer recommended and is not secure.
We have a Xyxel ZyWALL 1050 firewall that appears to offer both IPSec and SSL VPN connections. Would it be better to use this as opposed to a software VPN as we currently have ?
As far as I can gather there are not a lot of VPN users, and my plan is to only provide VPN accounts to those with company issued laptops. I think currently people are connecting in with all sorts of different devices, which I guess in itself is not a problem but as I have doubts about how the VP is working at the moment I would like to get away from that and just assign VPN accounts to those that need them.
I have set up an Open VPN server on my home network, so I have done a bit of work on this before but otherwise I'm a relative newbie.