Secure Communication

VPN - Virtual Private Network

  • Encrypts all data moving across a public network, ensuring secure communication between devices and networks.
  • Can be used by a remote user to securely access a private network, such as a corporate network, over the internet.

Encrypted Tunneling

  • Encrypts data as it crosses a public network, protecting sensitive information in transit.
    • TLS/SSL: Used to establish a secure connection, often in VPNs for remote user access. TLS (Transport Layer Security) is the modern, secure successor to SSL (Secure Sockets Layer).
    • IPsec: A protocol suite that secures IP communications by authenticating and encrypting each IP packet, typically used in VPNs for site-to-site networking in a WAN architecture.

SD-WAN - Software Defined Wide Area Network

  • A WAN architecture designed for the cloud, enabling secure and efficient site-to-site communication across distributed networks.
  • SASE (Secure Access Service Edge) is a security framework that integrates network and security services, providing secure connections in an SD-WAN environment. It is considered a "next-generation" VPN.

Selection of Controls

  • VPN: Used for secure remote user access to private networks.
  • IPsec: Used for secure site-to-site networking in WAN architectures, particularly between organizational branches or data centers.
  • SD-WAN: Uses SASE for cloud-based site-to-site communication, combining security and network management in distributed environments.