cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2207
Views
10
Helpful
2
Replies

IPSEC B2B VPN

ankit.dhawan
Level 1
Level 1

We have an IPSEC B2B tunnel with one of our business partners. Unfortunately, their corporate network is compromised by Hackers. We are concerned as they reached to there internal network and can cause potential threat to other organizations which are connected through B2B tunnel with them.If someone can tell me how can we prevent this situation from hurting our network that would be a great help.

 

Kind Regards

1 Accepted Solution

Accepted Solutions

Seb Rupik
VIP Alumni
VIP Alumni

Hi there,
The ACLs you have configured on your IPSec VPN which define the encryption domains at either end of the tunnel should only represent a subset of your internal private network. Ie, your business partner doesn't have complete access to your internal network. This will limit your exposure to the risk.
You should also have additional ACLs throughout your network which at a guess permit known source addresses, the majority of which will be from your own private subnets. This will further reduce your exposure.
Ensure that the services you do have exposed to the other organisation are patched!

You can also shutdown your VPN with the organisation citing the risk their compromised network poses to your own. This will put pressure on their IT department to resolve their security breach, allowing them to resume business operations with your company.

cheers,
Seb.

View solution in original post

2 Replies 2

Seb Rupik
VIP Alumni
VIP Alumni

Hi there,
The ACLs you have configured on your IPSec VPN which define the encryption domains at either end of the tunnel should only represent a subset of your internal private network. Ie, your business partner doesn't have complete access to your internal network. This will limit your exposure to the risk.
You should also have additional ACLs throughout your network which at a guess permit known source addresses, the majority of which will be from your own private subnets. This will further reduce your exposure.
Ensure that the services you do have exposed to the other organisation are patched!

You can also shutdown your VPN with the organisation citing the risk their compromised network poses to your own. This will put pressure on their IT department to resolve their security breach, allowing them to resume business operations with your company.

cheers,
Seb.

Thanks a lot Seb for the advise. It's very helpful. Thanks a lot !!
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: