As per the requirements in the organization we work, we need to allow a private virtual network of all to access the files or web services within their PCs. I browsed the internet to acquire the knowledge on the same but was unable to achieve productive results.

Please suggest some software that has the ability to share over two standard protocol units. We require some easiest way to protect our company’s data. We need security at times of incidents like rootkit attacks and zero-day vulnerabilities.

Any help in this regard would be highly appreciated.

Thanks,
D. Zeller

I'm not a security person, but some network guys I know who run a large network, recommend Cisco's Easy VPN Server and Client. I've used the client, and it’s very simple and friendly. They deal with lots of attacks, and their strategy is basically to "close down all ports not in use, along with really good passwords. All servers are behind their firewall, and they only grant remote access to users via the VPN.

Have you heard about the technology called Desktop Virtualization?
Numbers of software vendors are rolling out desktop-virtualization offerings. They simply manage entire lifecycle of virtual desktops making it easy to create, deliver, secure, update, and control the virtual desktop. You can look forward depending upon the requirements at your organization.

You have two issues here:
My suggestion is that you separate these two issues as they are two distinct problems. Rootkit detection/prevention is a whole other ballgame. Zero-day exploit prevention will require adequate defense-in-depth strategies.

NAP/NAC can help make sure machines are up to date and patched before connecting to your VPN but unfortunately, targeted rootkit attacks will go under the radar with most AV implementations. What you need to understand is ""risk management.""

There are many different vendors who offer VPN solutions and each are different in their implementation but the technology used remains the same. The process is normally quite simple:

1. Each user has a key/tag, this provides authentication.

2. They will have some kind of VPN software to connect to the concentrator.

3. And the VPN concentrator confirms the authentication and act's as the gateway for your VPN connection once authenticated.

There are number of vendors providing similar offerings. In the recent news, it was mentioned that the version 1.0 of MokaFive's Virtual Desktop Solution is a complete virtual desktop package.

Anybody out there who has hands -on experience with MokaFive?