VPN offering from SerNet
With modern VPN technology, a computer can securely access centralized and well-secured information from anywhere over the Internet. Important building blocks for this are
- a well-protected computer itself (see endpoint security), on which VPN client software is installed,
- the central information protected by firewall from a direct intrusion and
- a VPN gateway that is accessible from the Internet and is allowed to send data through the firewall.
The VPN gateway communicates with the endpoint computer only in encrypted form and establishes this connection using 2-factor authentication (see 2FA) whenever possible.
SerNet supports a variety of VPN technologies such as IPSEC, OpenVPN or SSL in products from Cisco, Sophos and others - and on Linux.
Under the name Cisco Firepower, manufacturer Cisco offers one of the most widespread VPN routers on the market.
In interaction with the client software "Cisco AnyConnect", numerous computer endpoints can establish encrypted connections directly with the Cisco Firepower and transport data that can be decrypted on the Firepower and routed into secure networks via connected firewalls. AnyConnect is available for the following platforms:
- Microsoft Windows
- Apple macOS
- Linux, alternatively OpenConnect can be used
- Apple iOS for iPhone and iPadOS
- Android for smartphones and tablet computers
SerNet provides Cisco Firepower as an appliance for integration into customer networks - but also as a cloud service in the SerNet data centre.
OpenVPN is a free software (open source) for setting up a Virtual Private Network (VPN) via an encrypted connection. This software is freely available on the internet entirely as OpenSource software, but is also commercially supported by the founders of the platform, see https://openvpn.net/.
SerNet uses OpenVPN on Linux primarily to connect corporate networks of different sites. A variety of bandwidth management options and important security features can be individually configured as needed and monitored around the clock.
"One in your mind - one in your hands" - this is how 2FA works. A simple password security is not enough for checking corporate mail in an internet cafe somewhere in the world or access private data via notebook and VPN. Only with an additional PIN-TAN access method or smart cards the necessary additional security is available.
The simplest method of 2FA is the PIN-TAN procedure. In addition to entering a password (PIN), a freshly generated transaction number (TAN) must be entered. The TAN can be received via SMS, generated via smartphone app, or quite physically via a credit card-sized card or key fob.