Chapter 10. Securing network connections: Creating a VPN or DMZ

This chapter covers

  • Implementing server security configurations
  • Deploying an OpenVPN tunnel to secure remote connections
  • Using firewalls to control access between segments
  • Using iptables and Shorewall to create a DMZ-based network
  • Testing network connectivity solutions using virtual environments

They tell us we live in a hyper-mobile world. Not that I’d know: I rarely leave my home office. I get to enjoy the comforts of my home office because all the server resources I could possibly need are available remotely. Apparently I’m not alone.

Almost everyone whose work touches IT will access their professional tools from remote locations from time to time. And given that the public networks through which you access those remote locations are by their very nature insecure, you’re going to want to carefully control those connections.

The previous chapter focused on making sure that the data consumed by your remote clients is reliably transferred and invisible to anyone who might be lurking on the connecting network. This chapter, by sharp contrast, will focus on making sure that the data consumed by your remote clients is reliably transferred and invisible to anyone who might be lurking on the connecting network. See the difference? Neither do I.

10.1. Building an OpenVPN tunnel

10.2. Building intrusion-resistant networks

10.3. Building a virtual network for infrastructure testing

Summary

Key terms

Command-line review

Test yourself