There is an ever increasing need to use networks within organizations and between organizations. Requirements have to be met to use networks securely. The area of remote access to a network requires specific measures when IT security should be in place. BS ISO/IEC 18028 provides guidance for accessing networks remotely - either for using email, file transfer or simply working remotely.
This part provides detailed direction with respect to the security aspects of using Virtual Private Network (VPN) connections to inter-connect networks, and also to connect remote users to networks. It builds upon the network management direction provided in BS ISO/IEC 18028-1:2006.
It is aimed at those individuals responsible for the selection and implementation of the technical controls necessary to provide network security when using VPN connections, and for the subsequent network monitoring of VPN security thereafter.
Contents of BS ISO/IEC 18028-5 include
- Normative references
- Terms and definitions
- Abbreviated terms
- Overview of VPNs
- VPN security objectives
- VPN security requirements
- Guidelines for the selection of secure VPNs
- Guidelines for the implementation of secure VPNs
- Annex A - Technologies and protocols used to implement VPNs