Thursday, January 27, 2022

What's Best for Remote Workers: VDI or VPN?

VPN serves to create a secure tunnel between an endpoint device and the company network allowing secure remote access to company network from an internet location. When granting VPN access, administrators need to carefully allow access permissions to required systems, allowing users only to access designated systems.

VDI (Virtual Desktop Infrastructure) generally transmit virtualized hosted desktop environments and/or business applications. VDI is device-agnostic and it doesn’t rely on the end-user hardware. If required, own dedicated Windows-based system can be provided to each user so that they can be customized. Each machine can be configurued to work independently of the others.

With VPN, the processing is done on the client machine whereas VDI processing is  done at the server side. Further VDI can be configured to restrict data from leaving the corporate network. However with VPN, data can still be moved to client devices unless extra  measures have not been configured to prevent such attempts.

Both VPN and VDI are used for gaining secure remote access. Even though VPN is  more suitable for smaller businesses as it is cost-effective, easy to implement, and simple to use, Companies with the increased number of work from home users consider  VDI as more effective in enabling WFH arrangements.

Any vulnerabilities on using the windows 7?

MS  Windows 7 reached end of life by January  14, 2020. However Windows 7 Extended Security Updates (ESU) provides security updates for critical and important issues as defined by Microsoft Security Response Center (MSRC) for a maximum of three years from Jan 14, 2020. ESU is available only for Windows 7 Professional and Windows 7 Enterprise. Organizations can purchase ESU at any time during the three years that the offer is available (2020, 2021, and 2022).

If you have not purchased ESU, any Windows 7 PCs (Professional or Enterprise) will not receive security updates. Therefore with all these older version of operating systems unpatched security holes/vulnerabilities will be gradually accumulated within your IT infrastructure. It increases the overall security risks due to unpatched vulnerabilities leaving the environment more susceptible for security threats.

I recommend upgrading to Windows 10 or 11 whenever possible.

Reference:

[1] https://docs.microsoft.com/en-us/troubleshoot/windows-client/windows-7-eos-faq/windows-7-extended-security-updates-faq

Monday, January 3, 2022

Does telnet client represent a security?

I always advice to disable telnet unless telnet use is absolutely necessary. Telnet sends authentication details (username and password) in clear text, allowing packet sniffers to read credentials. Further this can be used as a callout mechanism by malware.

Disabling the Telnet service will prevent logging into the server using valid account credentials.

Having a telnet client isn't a critical/high risk threat in itself, if you're using it within your local network. The less tools are left to the user, the less mistakes he can do with them.

The main usage of telnet client (Without enabling the server service) is to test network exchanges at low level. However this will be of no use for the general user and will only be required by the relevant administrators who wants to troubleshoot connectivity.

Simply the last assumption behind disabling the telnet client is that a user who really needs it will certainly be able to enable it.