Too Long; Didn't Read
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency recently released guidance for improving the security of virtual private network (VPN) solutions. The guidance suggests choosing only industry-standard solutions and avoiding non-standard VPN solutions, including a class called Secure Sockets Layer/Transport Layer Security (SSL/TLS) VPNs. The agencies issued an Information Sheet named “Selecting and Hardening Remote Access VPN Solutions” that provided recommendations on selection criteria for a remote access VPN solution.