This chapter was dedicated to networks that rely on external communication of some kind. For some companies, the external partner is a corporate LAN that is geographically distant from the main office (the typical branch office scenario). For others, the partner is an individual user trying to connect to the network. Finally, the partner might be a separate company that needs to connect to your network for an alliance project. In each of these cases, the security risks of a normal network are increased, because part of the path, and sometimes the other endpoint, is outside your control.
When Windows Server 2003 is used as a router that connects sites, the choice of routing protocol affects your security design. Static routes, RIP, OSPF, and auto-static routing can all be used depending on your environment. Static routes are the most secure choice because nothing on the wire can change them, but they are tedious to administer, so for persistent (non-demand-dial) connections many administrators turn to RIP or OSPF. Both can be hardened with password authentication (RIP version 2 and OSPF only; RIP version 1 has no authentication at all), route filtering, and peer filtering that accepts announcements only from listed neighbors. Note that simple-password authentication is sent in cleartext, so it guards against misconfigured or stray routers rather than against an attacker who can sniff the link; route and peer filters are what limit the damage a bogus announcement can do. Demand-dial connections are used for site-to-site links when a persistent connection is unavailable; there, certificates (with EAP-TLS) or a strong password-based protocol such as MS-CHAP v2 should be used to authenticate the calling router. The data on a site-to-site link can be encrypted with MPPE (for PPTP) or IPSec (for L2TP).
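To make the three RIP safeguards concrete, here is an added example (written for this summary, not code from the book or from Windows RRAS) that builds and parses RIPv2 Response packets per RFC 2453 and then applies peer filtering, the simple-password check, and an accept filter on the announced prefixes. The packets, password, peer address and prefix list are all constructed for the demonstration. Because the password is read directly out of the packet bytes, the example also shows why type-2 authentication does nothing against an eavesdropper.

```python
"""RIPv2 Response handling with the three safeguards the chapter lists for RIP:
simple-password authentication, peer filtering and route (accept) filtering.
Added example for this summary; not code from the book or from Windows RRAS.
The packets below are constructed so the block runs offline."""
import ipaddress
import struct

AFI_AUTH = 0xFFFF            # address family marking an authentication entry
AFI_IP = 2                   # address family for an IPv4 route entry
AUTH_SIMPLE_PASSWORD = 2     # RFC 2453 authentication type 2 (cleartext)


def build_rip_response(routes, password=None):
    """Construct a RIPv2 Response (command 2, version 2).
    routes: list of (prefix_str, metric); password: optional simple password,
    at most 16 octets, null padded, carried in the first entry."""
    pkt = struct.pack("!BBH", 2, 2, 0)
    if password is not None:
        pw = password.encode()
        if len(pw) > 16:
            raise ValueError("RIPv2 simple password is limited to 16 octets")
        pkt += struct.pack("!HH16s", AFI_AUTH, AUTH_SIMPLE_PASSWORD, pw.ljust(16, b"\x00"))
    for prefix, metric in routes:
        net = ipaddress.IPv4Network(prefix)
        pkt += struct.pack("!HH4s4s4sI", AFI_IP, 0, net.network_address.packed,
                           net.netmask.packed, b"\x00" * 4, metric)
    return pkt


def parse_rip_response(pkt):
    """Return (password_or_None, [(IPv4Network, metric), ...]).
    The password comes straight out of the bytes: anyone sniffing the link
    learns it, which is why it stops stray routers but not an attacker."""
    if len(pkt) < 4:
        raise ValueError("short RIP header")
    command, version, _ = struct.unpack("!BBH", pkt[:4])
    if command != 2 or version != 2:
        raise ValueError("not a RIPv2 Response")
    body = pkt[4:]
    if not body or len(body) % 20:
        raise ValueError("RIP entries must be whole 20-octet records")
    password, routes = None, []
    for off in range(0, len(body), 20):
        entry = body[off:off + 20]
        afi = struct.unpack("!H", entry[:2])[0]
        if afi == AFI_AUTH:
            if off != 0:
                raise ValueError("authentication entry must be first")
            auth_type = struct.unpack("!H", entry[2:4])[0]
            if auth_type != AUTH_SIMPLE_PASSWORD:
                raise ValueError("unsupported authentication type %d" % auth_type)
            password = entry[4:].rstrip(b"\x00").decode()
        elif afi == AFI_IP:
            _, _tag, addr, mask, _nexthop, metric = struct.unpack("!HH4s4s4sI", entry)
            net = ipaddress.IPv4Network((str(ipaddress.IPv4Address(addr)),
                                         str(ipaddress.IPv4Address(mask))))
            routes.append((net, metric))
        else:
            raise ValueError("unknown address family %d" % afi)
    return password, routes


def accept_routes(pkt, src_ip, *, expected_password, allowed_peers, allowed_prefixes):
    """Apply peer filtering, the password check and route filtering, in that order.
    Returns (accepted, rejected); a rejected entry of '*' means the whole packet
    was dropped before any route was considered."""
    if ipaddress.IPv4Address(src_ip) not in allowed_peers:
        return [], [("*", "announcement from unlisted peer %s" % src_ip)]
    password, routes = parse_rip_response(pkt)
    if password != expected_password:
        return [], [("*", "authentication failed")]
    accepted, rejected = [], []
    for net, metric in routes:
        if not 1 <= metric <= 16:
            rejected.append((str(net), "invalid metric %d" % metric))
        elif not any(net.subnet_of(p) for p in allowed_prefixes):
            rejected.append((str(net), "prefix outside accept filter"))
        else:
            accepted.append((str(net), metric))
    return accepted, rejected


# Constructed sample: a branch router announces two legitimate prefixes plus a
# default route that a hub should never learn from a branch.
SAMPLE_PASSWORD = "branch01"
SAMPLE_PACKET = build_rip_response(
    [("10.1.0.0/16", 1), ("192.168.50.0/24", 2), ("0.0.0.0/0", 3)],
    password=SAMPLE_PASSWORD)
ALLOWED_PEERS = {ipaddress.IPv4Address("10.1.1.254")}
ALLOWED_PREFIXES = [ipaddress.IPv4Network("10.0.0.0/8"),
                    ipaddress.IPv4Network("192.168.0.0/16")]

if __name__ == "__main__":
    # What an eavesdropper on the link sees: the password itself.
    print("password on the wire:", parse_rip_response(SAMPLE_PACKET)[0])
    print(accept_routes(SAMPLE_PACKET, "10.1.1.254", expected_password=SAMPLE_PASSWORD,
                        allowed_peers=ALLOWED_PEERS, allowed_prefixes=ALLOWED_PREFIXES))
```

Run as a script, the block prints the recovered password and then the accepted routes (the two branch prefixes) alongside the rejected default route. The order of checks mirrors what RRAS lets you configure on a RIP interface: an unlisted peer is dropped before the password is even examined, and the accept filter is what stops a correctly authenticated neighbor from injecting a default route.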
We next turned our attention to securing VPN servers, whether used for site-to-site or remote access connections. Frequently the reason for establishing a VPN is to save money, but because the data now crosses an untrusted public network such as the Internet, security becomes the top priority. One of the first choices in designing a VPN solution is the tunneling protocol. PPTP encrypts traffic with MPPE and is relatively easy to implement, but its security is only as good as the user's password: with MS-CHAP v2, the MPPE keys are derived from the password hash, so a weak password weakens the tunnel. For more demanding situations, L2TP with IPSec can be used. The IPSec ESP protocol provides stronger encryption than MPPE (DES or 3DES on Windows Server 2003) and, unlike MPPE, per-packet integrity checking; no cipher should be described as unbreakable, but ESP raises the bar considerably. L2TP/IPSec requires computer certificates on both ends (Windows Server 2003 also accepts a preshared key, which is weaker and hard to keep secret once it is distributed to many clients), so a certificate infrastructure is normally required. Authenticating users with EAP-TLS additionally requires user certificates; it is extremely secure, but some might find deploying a PKI more than they need.
The first line of defense for any VPN server is to require authentication of every entity that attempts to connect. Remote access policies and profiles then limit who is authorized to connect, and also how (tunnel type, authentication method, encryption strength) and for how long. Policies are evaluated in order and the first policy whose conditions match decides the outcome, so the order of the policy list is itself part of the design. Network Access Quarantine Control, which holds a client in a restricted state until a script has verified its configuration, and placing the VPN server behind a firewall that admits only the tunnel's own traffic (TCP port 1723 and GRE, IP protocol 47, for PPTP; UDP port 500, UDP port 4500 for NAT traversal, and ESP, IP protocol 50, for L2TP/IPSec) are also key points in the security design.
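The following added example (written for this summary, not code from the book or from Windows) models how an ordered list of remote access policies decides a connection attempt: the user account's dial-in setting is checked first, then the first policy whose conditions match is the only one consulted, its permission is applied, and finally the profile constraints are enforced. The policies, attributes and connection attempts are constructed; the attribute names (`group`, `tunnel`, `auth`, `encryption_bits`, `hour`, `dialin`) are this example's own simplification of the real condition and profile settings. It also shows the ordering pitfall: a "deny PPTP" policy placed after a broad "grant VPN Users" policy never gets a chance to run.

```python
"""Model of remote access policy evaluation: account dial-in setting first,
then first-matching policy (permission, then profile).  Added example for this
summary; not code from the book or from Windows RRAS/IAS.  All policies and
connection attempts below are constructed."""
from dataclasses import dataclass, field


@dataclass
class Policy:
    name: str
    conditions: dict          # attribute -> set of acceptable values; all must match
    grant: bool               # the policy's own remote access permission
    profile: dict = field(default_factory=dict)   # constraints checked after permission


def _conditions_match(conditions, attempt):
    return all(attempt.get(attr) in allowed for attr, allowed in conditions.items())


def _profile_violation(profile, attempt):
    """Return the first profile constraint the attempt fails, or None."""
    if "tunnel" in profile and attempt["tunnel"] not in profile["tunnel"]:
        return "tunnel type %s not permitted" % attempt["tunnel"]
    if "auth" in profile and attempt["auth"] not in profile["auth"]:
        return "authentication method %s not permitted" % attempt["auth"]
    if "min_encryption" in profile and attempt["encryption_bits"] < profile["min_encryption"]:
        return "encryption weaker than %d bits" % profile["min_encryption"]
    if "hours" in profile:
        start, end = profile["hours"]
        if not start <= attempt["hour"] < end:
            return "outside permitted hours"
    return None


def evaluate(policies, attempt):
    """Return (decision, policy_name, reason) for one connection attempt.
    attempt['dialin'] models the account's dial-in setting: 'allow', 'deny' or
    'policy' (control access through remote access policy)."""
    dialin = attempt.get("dialin", "policy")
    if dialin == "deny":
        return ("deny", None, "account dial-in permission is Deny")
    for pol in policies:
        if not _conditions_match(pol.conditions, attempt):
            continue                      # only the first matching policy is consulted
        if dialin == "policy" and not pol.grant:
            return ("deny", pol.name, "policy denies remote access")
        violation = _profile_violation(pol.profile, attempt)   # applies even when account says Allow
        if violation:
            return ("deny", pol.name, violation)
        return ("grant", pol.name, "ok")
    return ("deny", None, "no policy matched")


# Constructed policies: block PPTP outright, grant the VPN Users group with a
# profile that insists on strong authentication, 128-bit keys and business hours.
DENY_PPTP = Policy("Deny PPTP", conditions={"tunnel": {"PPTP"}}, grant=False)
VPN_USERS = Policy("VPN Users", conditions={"group": {"VPN Users"}}, grant=True,
                   profile={"auth": {"EAP-TLS", "MS-CHAP v2"},
                            "min_encryption": 128, "hours": (6, 22)})
STRICT_ORDER = [DENY_PPTP, VPN_USERS]     # deny policy is reached first
LOOSE_ORDER = [VPN_USERS, DENY_PPTP]      # broad grant shadows the deny policy

PPTP_ATTEMPT = {"group": "VPN Users", "tunnel": "PPTP", "auth": "MS-CHAP v2",
                "encryption_bits": 128, "hour": 9, "dialin": "policy"}
L2TP_ATTEMPT = dict(PPTP_ATTEMPT, tunnel="L2TP", auth="EAP-TLS")

if __name__ == "__main__":
    for label, order in (("strict", STRICT_ORDER), ("loose", LOOSE_ORDER)):
        print(label, "PPTP:", evaluate(order, PPTP_ATTEMPT))
    print("L2TP:", evaluate(STRICT_ORDER, L2TP_ATTEMPT))
    print("56-bit:", evaluate(STRICT_ORDER, dict(L2TP_ATTEMPT, encryption_bits=56)))
    print("23:00:", evaluate(STRICT_ORDER, dict(L2TP_ATTEMPT, hour=23)))
```

With the strict order the PPTP attempt is denied by the first policy; with the loose order the same attempt is granted, because the "VPN Users" policy matches first and its profile says nothing about tunnel type. The profile checks run even for an account whose dial-in setting is Allow, which is why the profile, not the account flag, is where encryption and authentication requirements belong.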
Windows Server 2003 has many features that are useful in building a secure communication network with external partners. Some, like L2TP and EAP-TLS, are industry standards; others, like MPPE and MS-CHAP v2, were developed by Microsoft (both are documented in informational RFCs). Whichever combination you use in your router and VPN implementations, a carefully configured one presents a formidable obstacle to any attacker who lays siege to your network.