The ISO 27033-5 standard provides guidelines for selecting, implementing and monitoring the technical controls necessary to provide network security when using virtual private networks (VPNs) to interconnect networks or to connect remote users to networks.
In their simplest form, VPNs provide a mechanism for establishing a secure data channel or channels over an existing network or point-to-point connection.
ISO 27033-5 describes the security threats facing VPNs (principally intrusions and denial-of-service (DoS) attacks), outlines the security issues affecting VPNs (including providing resistance to DoS and unauthorised access attacks, and protecting against label spoofing), and describes the security requirements necessary to maintain the confidentiality, integrity and availability of data in transit through a VPN tunnel.
It explains the need to apply controls to secure VPN tunnels based on organisational security policies and risk appetites, sets out the means of creating VPN tunnels via the use of virtual circuits, label switching or protocol encapsulation, and addresses regulatory, legislative, management, architectural and technical considerations for VPNs. It also provides guidelines for selecting carrier protocols and VPN appliances.
Buy today for immediate download or dispatch.