DOCSLIB.ORG

An Overview of Remote Access Vpns: Architecture and Efficient Installation

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
An Overview of Remote Access Vpns: Architecture and Efficient Installation IPASJ International Journal of Information Technology (IIJIT) Web Site: http://www.ipasj.org/IIJIT/IIJIT.htm A Publisher for Research Motivation ........ Email: [email protected] Volume 2, Issue 11, November 2014 ISSN 2321-5976 AN OVERVIEW OF REMOTE ACCESS VPNS: ARCHITECTURE AND EFFICIENT INSTALLATION DR. P. RAJAMOHAN SENIOR LECTURER, SCHOOL OF INFORMATION TECHNOLOGY, SEGi UNIVERSITY, TAMAN SAINS SELANGOR, KOTA DAMANSARA, PJU 5, 47810 PJ, SELANGOR DARUL EHSAN, MALAYSIA. ABSTRACT A Virtual Private Network (VPN) is a private data network that makes use of the public telecommunication infrastructure, maintaining privacy through the use of a tunneling protocol and security procedures. This paper presents the analysis and special performances of in communication especially the Remote Access Virtual Private Networks architectures and efficient installation to achieve by the way of secure alternative to traditional remote access is IP-based Virtual Private Networking (IP- VPN). In IP-VPNs, all connections to corporate intranets are calls to a local ISP, carried by the Internet to a corporate VPN gateway. Keywords:- VPN - Virtual Private Networks, RA-VPN - Remote Access Virtual Private Networks, ISP - Internet Service Provider, RRAS - The Routing and Remote Access Service, RADIUS - Remote Authentication Dial-In User Service. 1. INTRODUCTION A Virtual Private Network (VPN) is a public network being used for private communication. The VPN connection is an authenticated and encrypted communications channel, or tunnel, across this public network, such as the Internet. Because the network is considered insecure, encryption and authentication are used to protect data while in transit. VPN service is considered to be independent, in that client operation is transparent to the user and that all information exchanged between the two hosts World Wide Web, File Transfer Protocol, e-mail, etc. is transmitted across the encrypted channel. A Virtual Private Network (VPN) is a private data network that makes use of the public telecommunication infrastructure, maintaining privacy through the use of a tunneling protocol and security procedures. A virtual private network can be contrasted with a system of owned or leased lines that can only be used by one company. The main purpose of a VPN is to give the company the same capabilities as private leased lines at much lower cost by using the shared public infrastructure.[1]. 1.1 Routing A router is a device that manages the flow of data between network segments, or subnets. A router directs incoming and outgoing packets based on the information about the state of its own network interfaces and a list of possible sources and destinations for network traffic. By projecting network traffic and routing needs based on the number and types of hardware devices and applications used in your environment. We may decide whether to use a dedicated hardware router, a software-based router, or a combination of both. Generally, dedicated hardware routers handle heavier routing demands best, and less expensive software-based routers handle lighter routing loads. A software-based routing solution, such as RRAS in Windows, can be ideal on a small, segmented network with relatively light traffic between subnets. Enterprise network environments that have a large number of network segments and a wide range of performance requirements might need a variety of hardware-based routers to perform different roles throughout the network[1]. 1.2 Remote access By configuring RRAS to act as a remote access server, we can connect remote networks. Remote users can work as if their computers are directly connected to the network. All services typically available to a directly connected user including file and printer sharing, Web server access, and messaging are enabled by means of the remote access connection. An RRAS server provides two different types of remote access connectivity: Virtual Private Networking. A virtual private network (VPN) is a secured, point-to-point connection across a public network, such as the Internet. A VPN client uses special TCP/IP-based protocols called tunneling protocols to make a connection to a port on a remote VPN server. The VPN server accepts the connection, authenticates the connecting user and computer, and then transfers data between the VPN client and the corporate network. Volume 2, Issue 11, November 2014 Page 1 IPASJ International Journal of Information Technology (IIJIT) Web Site: http://www.ipasj.org/IIJIT/IIJIT.htm A Publisher for Research Motivation ........ Email: [email protected] Volume 2, Issue 11, November 2014 ISSN 2321-5976 Dial-Up Networking. In dial-up networking, a remote access client makes a dial-up telephone connection to a physical port on a remote access server by using the service of a telecommunications provider, such as analog telephone or ISDN. Dial-up networking over an analog phone or ISDN is a direct physical connection between the dial-up networking client and the dial-up networking server. Remote access is best defined as providing access to fixed site resources for users who are not at a fixed workstation at that same site's Local Area Network (LAN). The largest remote access user community is mobile or telecommuting users, such as a sales force or field engineering team. Figure - 1 illustrates a traditional remote access network using the Public Switched Telephone Network (PSTN) or the Integrated Services Digital Network (ISDN). Figure - 1. Traditional Remote Access (PSTN/ISDN Transport) Traditional Remote Access connectivity is achieved with users dialing into a dedicated PSTN/ISDN modem pool, maintained either by a corporate Information Systems/Information Technology staff or by the network service provider. A secure alternative to traditional remote access is IP-based Virtual Private Networking (IP-VPN). In IP- VPNs, all connections to corporate intranets are calls to a local ISP, carried by the Internet to a corporate VPN gateway[1]-[3]. 1.3 VPN Connection VPN can be broadly classified into two types of connections. They are: Remote access VPN and Site-to-site VPN. Figure - 1: Classification of VPN connection 1.3.1 Remote Access VPN A Remote Access VPN connection enables a user working at home or on the road to access a server on a private network by using the infrastructure provided by a public network, such as the Internet. From the user’s perspective, the VPN is a point-to-point connection between the client computer and the organization’s server. The infrastructure of the shared or public network is irrelevant because it appears logically as if the data is sent over a dedicated private link. 1.3.2 Site-to-Site VPN A Site-to-Site VPN connection (sometimes called a router-to-router VPN connection) enables an organization to have routed connections between separate offices or with other organizations over a public network while helping to maintain secure communications. When networks are connected over the Internet, as shown in the following figure - 2: a VPN-enabled router forwards packets to another VPN-enabled router across a VPN connection. To the routers, the VPN connection appears logically as a dedicated, data-link layer link. A Site-to-Site VPN connection the calling router authenticates itself to the answering router, and, for mutual authentication, the answering router authenticates itself to the calling router. In a Site-to-Site VPN connection, the packets sent from either router across the VPN connection typically do not originate at the routers. Site to site VPN can be further classified into two types. They are Intranet- based VPN Intranet-Based VPN and Extranet-based VPN[2]. Volume 2, Issue 11, November 2014 Page 2 IPASJ International Journal of Information Technology (IIJIT) Web Site: http://www.ipasj.org/IIJIT/IIJIT.htm A Publisher for Research Motivation ........ Email: [email protected] Volume 2, Issue 11, November 2014 ISSN 2321-5976 Figure - 2: VPN connecting two remote sites across the Internet Intranet-Based VPN : If a Company has more remote locations that it wishes to join in a single private network, it can create an Intranet VPN to connect LAN to LAN. Extranet-Based VPN : When a Company has close relationship with another company, it can build an Extranet VPN that connects LAN to LAN and allows all of the various companies to work in a shared environment. Remote access VPN can be also called as virtual private dial-up network (VPDN). This Remote access VPN establishes the User-to- LAN connection. Thus an authenticated User can logon to the VPN tunnel from anywhere using a laptop[2][3]. 2. AUTHENTICATION Authentication is the first major component of a VPN. Authentication is the process of identifying the entity ( user , router, or network device) requiring access. This authentication is often done by means of a cryptographic function, such as with challenge/response algorithms. The following sections discuss the other authentication methods[3]: Point-to-Point Tunneling Protocol Password Authentication Protocol/Challenge Handshake Protocol (PPTP- PAP/CHAP) Digital certificates RADIUS servers 2. 1 PPTP-PAP/CHAP Password Authentication Protocol (PAP) is the most insecure authentication method available today because both the username and password are sent across the link in clear text. Anyone monitoring the connection could collect and use the information to gain access to the network. The Challenge Handshake Authentication Protocol (CHAP) works as follows : 1. The client establishes a connection with the server and the server sends a challenge back to the client. 2. The client then performs a hash (mathematical) function, adds some extra information, and sends the response back to the server for verification. 3. The server looks in its database and computes the hash with the challenge. 4. If these two answers are the same, authentication succeeds. While CHAP eliminates a dictionary attack, the hashing functions could still be attacked . CHAP also supports the (user transparent) periodic challenge of the client username/password during the session to protect against wire-tapping[2][3].
Load more

Recommended publications
  • Network Services
    Network Services Module 6 Objectives Skills/Concepts Objective Domain Objective Domain Description Number Setting up common Understanding network 3.5 networking services services Defining more network Understanding network 3.5 services services Defining Name Understand Name 3.4 Resolution Techniques Resolution DHCP • Dynamic Host Configuration Protocol (DHCP) is a client/server protocol that enables configured client computers to obtain IP addresses automatically • The IP information obtained might include the following: • IP addresses • Subnet masks • Gateway addresses • DNS server addresses • Other advanced options • The DHCP Server service provides the following benefits: •Reliable IP address configuration •Reduced network administration DHCP Server • Before a DHCP server can start leasing IP addresses to client computers, the following steps must be performed: 1. Install the DHCP service 2. Configure an IP scope 3. Activate the scope 4. Authorize the server 5. Configure advanced IP options (optional) DEMO: Install and view the DHCP Service (and console) DORA • DHCP sessions use a four-step process known as DORA. • Discovery: The client sends a broadcast to the network to find a DHCP server • Offer: The DHCP server sends a unicast “offering” of an IP address to the client • Request: The client broadcasts to all servers that it has accepted the offer • Acknowledge: The DHCP server sends a final unicast to the client that includes the IP information the client will use • DHCP utilizes ports 67 and 68 Hey, are there any DHCP Servers here? (DHCPDiscover) Yes, I am a DHCP Server, and here is an IP Address for you (DHCPOffer) Thanks, I like that IP and I will take it (DHCPRequest) Ok, it s yours.
    [Show full text]
  • Courier V.Everything External Modem: Getting Started
    Courier V.Everything External Modem: Getting Started FINAL 4/96 p/n 1.024.492 1996 U.S. Robotics Access Corp. 8100 North McCormick Blvd. Skokie, IL 60076-2999 All Rights Reserved U.S. Robotics and the U.S. Robotics logo are registered trademarks of U.S. Robotics Access Corp. V.Fast Class and V.FC are trademarks of Rockwell International. Any trademarks, tradenames, service marks or service names owned or registered by any other company and used in this manual are the property of their respective companies. 1996 U.S. Robotics Access Corp. 8100 N. McCormick Blvd. Skokie, IL 60076-2999 USA Table of Contents About This Manual iii We Welcome Your Suggestions.............................................................iii Chapter 1 The Courier 1-1 Courier Controls, Displays, and Connectors.....................................1-3 Status Indicators ....................................................................................1-4 Features...................................................................................................1-5 Chapter 2 Installing the Courier 2-1 What You Need......................................................................................2-1 Package Contents...................................................................................2-3 Installing the Courier ............................................................................2-4 Setting the DIP Switches.......................................................................2-4 Powering On the Courier .....................................................................2-6
    [Show full text]
  • Page 1 of 12 Chapter 2
    Chapter 2 - Routing and Remote Access Service Page 1 of 12 Windows 2000 Server Chapter 2 - Routing and Remote Access Service Microsoft® Windows® 2000 includes the Routing and Remote Access service, a component originally supplied for Microsoft® Windows NT® version 4.0, which provides integrated multiprotocol routing and remote access, and virtual private network server services for Microsoft® Windows® 2000 Server-based computers. In This Chapter Introduction to the Routing and Remote Access Service Features of the Routing and Remote Access Service Architecture of the Routing and Remote Access Service Routing and Remote Access Service Tools and Facilities Related Information in the Resource Kit l For more information about unicast IP routing support, see "Unicast IP Routing" in this book. l For more information about IP multicast support, see "IP Multicast Support" in this book. l For more information about IPX routing support, see "IPX Routing" in this book. l For more information about demand-dial support, see "Demand-Dial Routing" in this book. l For more information about remote access, see "Remote Access Server" in this book. l For more information about virtual private networking support, see "Virtual Private Networking" in this book. Introduction to the Routing and Remote Access Service Multiprotocol routing support for the Windows NT family of operating systems began with Microsoft® Windows NT® 3.51 Service Pack 2, which included components for the Routing Information Protocol (RIP) for IP, RIP for IPX, and the Service Advertising (SAP) for IPX. Windows NT 4.0 also included these components. In June 1996, Microsoft released the Routing and Remote Access Service (RRAS) for Windows NT 4.0, a component that replaced the Windows NT 4.0 Remote Access Service, RIP for IP, RIP for IPX, and SAP for IPX services with a single integrated service providing both remote access and multiprotocol routing.
    [Show full text]
  • Routing and Remote Access Service (RRAS) Eventtracker V8.X and Above
    Integrate Routing and Remote Access Service (RRAS) EventTracker v8.x and above Publication Date: June 27, 2018 Integrate Routing and Remote Access Service Abstract This guide provides instructions to configure Routing and Remote Access Service (RRAS) to send the windows based events to EventTracker Enterprise. Scope The configurations detailed in this guide are consistent with EventTracker Enterprise version 8.x and later, and Microsoft Windows Server 2008 and later. Audience Routing and Remote Access Service (RRAS) users, who wish to forward windows based messages to EventTracker manager. The information contained in this document represents the current view of EventTracker. on the issues discussed as of the date of publication. Because EventTracker must respond to changing market conditions, it should not be interpreted to be a commitment on the part of EventTracker, and EventTracker cannot guarantee the accuracy of any information presented after the date of publication. This document is for informational purposes only. EventTracker MAKES NO WARRANTIES, EXPRESS OR IMPLIED, AS TO THE INFORMATION IN THIS DOCUMENT. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, this paper may be freely distributed without permission from EventTracker, if its content is unaltered, nothing is added to the content and credit to EventTracker is provided. EventTracker may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from EventTracker, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.
    [Show full text]
  • Devicemaster ATS-NTE Installation and Configuration Guide
    Installation and Configuration Guide Trademark Notices Comtrol and DeviceMaster are trademarks of Comtrol Corporation. RocketPort is a registered trademark of Comtrol Corporation. Windows registered trademark of Microsoft Corporation. Other product names mentioned herein may be trademarks and/or registered trademarks of their respective owners. URL References All URLs in this document worked at the time of publication. Due to the nature of web sites, some links may not work, and you may need to search their site to locate the referenced information. First Edition, January 22, 2004 Copyright © 2003. Comtrol Corporation. All Rights Reserved. Comtrol Corporation makes no representations or warranties with regard to the contents of this document or to the suitability of the Comtrol product for any particular purpose. Specifications subject to change without notice. Some software or features may not be available at the time of publication. Contact your reseller for current product information. Document Number: 2000329 Table of Contents Installation and Setup ........................................................................................................................ 5 Audience .......................................................................................................................................................... 5 Product Overview ......................................................................................................................................... 5 Initial Hardware Installation ....................................................................................................................
    [Show full text]
  • Implementing SAS Using Microsoft Windows Server and Remote Desktop Paul Gilbert, Dataceutics, Inc., Pottstown, PA Steve Light, Dataceutics, Inc., Pottstown, PA
    Paper FC02 Implementing SAS using Microsoft Windows Server and Remote Desktop Paul Gilbert, DataCeutics, Inc., Pottstown, PA Steve Light, DataCeutics, Inc., Pottstown, PA ABSTRACT DataCeutics provides SAS-based clinical and statistical reportin g services to multiple pharmaceutical and biotechnology clients. This requires us to maintain a Microsoft Windows SAS programming environment that is easily and cost effectively managed by our systems administrators, supports multiple versions of SAS, sup ports related programming tools, supports electronic submission tools, allows our staff to work at the office or remotely, and provides our programming staff with a regulatory compliant environment. In this paper we discuss the advantages of using a Windo ws Server platform with user access via Remote Desktop vs. distributed Windows installations. We describe the Microsoft Windows software required to support the platform; the tools that are needed to support the SAS-based programming/electronic submission environment, and outline the qualification of this environment to meet industry systems compliance standards. INTRODUCTION DataCeutics provides SAS-based clinical and statistical reporting services to multiple pharmaceutical and biotechnology clients. We need to support SAS programming environments on both the UNIX and Windows platforms. This presents several challenges to DataCeutics. Clients require specific versions of SAS. We are required to support both v8 and v9 of SAS. This includes different tes t releases or service packs. This can lead to supporting up to six instances of SAS. Many of our employees have the flexibility to work at the office or remotely. This requires us to provide a consistent SAS programming environment to our staff independe nt of their physical location.
    [Show full text]
  • Free Remote Login Program
    Free remote login program click here to download A list of the best free remote access programs, sometimes called free remote desktop or remote control software. Last updated October, AeroAdmin. FREE and EASY remote desktop software! Set up a remote desktop connection within a few seconds! No installation and configuration required. Connect to a computer remotely, be it from the other end of the office or across multiple platforms and operating systems: Windows, Linux, Free BSD, Mac OS. The purpose of remote access software, sometimes also called remote desktop software or remote control software, is to let you control a. Remote desktop access solutions by TeamViewer: connect to remote computers, provide remote support & collaborate online ➤ Free for personal use! It's our top pick for remote access software for enterprise and corporate use. Edward. In addition to these third-party apps, Microsoft provides its free Microsoft Remote Desktop software that lets you access Windows PCs from. Popular zero- config free remote desktop software. It's used for system administration, webinars and instant remote desktop connection over the Internet. Remote Access Software – Find the best free remote desktop access software tools with their benefits, for remote device access control from any where. I want to use a software that is FREE that I can just use to remote into article of the top 10 Free Remote Desktop Connection Software we did. DesktopNow is a free, easy-to-use program for remote PC access to log into your computer from anywhere, control your desktop, run your programs & access. JoinMe vs AnyDesk vs Chrome Remote Desktop vs Windows RDP vs UltraVNC vs Remote Utilities vs WaykNow vs TeamViewer (Personal.
    [Show full text]
  • 2010 Title: Building a Windows NT Internet Server
    Paper#: 2010 Title: Building a Windows NT Internet Server Author: Jeremy Klein Company: Open-Ended Systems Corporation 546 North Oak St. Inglewood, CA 90302 Phone#: 310-419-5903 Building a Windows NT Internet Server 2010-0 Win InterNet® A NINE STEP APPROACH TO INTERNET CONNECTIVITY SUCCESS WITH WINDOWS NT Presenting a no-nonsense, plain and simple guide towards an Internet connection with Windows NT. This package includes straightforward instructions without obnoxious jargon on all of the steps required to have you cruising the Information Highway in no- time at all!! Brought to you by: Building a Windows NT Internet Server 2010-1 Microsoft Windows NT 3.5 The Internet Platform for Today’s Business Needs According to some estimates, over 30 Million people now have access to the Internet. The Internet is a public network that is used by universities, government agencies, businesses and individuals. Its growth rate has been explosive and promises to be even more explosive in the future as more commercial uses evolve. Businesses, that do not join the Internet, risk falling behind on the technology and missing out on an important communications medium. The Internet may well be as important an invention as the telephone in terms of the advancement of commerce. If you are reading this article, you are probably interested in establishing a presence on the Internet. It can be difficult to figure out where to start. The Microsoft Windows NT operating system is one of the best, low-cost solutions for businesses and individuals who want to stake a claim on the fast- paced, ever-changing Information Superhighway.
    [Show full text]
  • Windows Nt Workstation Iso Download Windows Nt Workstation 4.0 Iso Download
    windows nt workstation iso download Windows Nt Workstation 4.0 Iso Download. Network Management Card Device IP Configuration Utility v5.0.2 (for NMC/NMC2 firmware versions 3.x.x or higher only), Application,. Network Management Device IP Configuration Wizard v5.0.2. To write a review. Network Management Device IP Configuration Wizard v5.0.2. Network Management Device IP Configuration Wizard v5.0.2. Network Management Device IP Configuration Wizard v5.0.2. Apc network management card device ip configuration wizard download. An APC Network Management Card must be configured with network. Configuration Option 1 - Device IP Configuration Wizard - Network Configuration options. Version is currently only available to download from APC's website (v5.0.2). DAT from the respective user directory, default (standard user profile system (hardware configuration software (installed programs Security (control of the access list) and Sam (user account and passwords in the directory 'C Winnt/system32/config. Microsoft windows nt 4 0 free download - Microsoft Windows NT 4.0 Service Pack. Update your system with Service Pack 6a for Windows NT 4.0 Workstation. Windows NT 4.0 is an operating system that is part of Microsoft's Windows NT family of operating systems. It was released to manufacturing on July 31, 1996. [1] It was Microsoft's primary business-oriented operating system until the introduction of Windows 2000. Workstation, server and embedded editions were sold; all editions feature a graphical user interface similar to that of Windows 95. Microsoft ended mainstream support for Windows NT 4.0 Workstation on June 30, 2002 and extended support on June 30, 2004, while Windows NT 4.0 Server mainstream support ended on December 31, 2002 and extended support on December 31, 2004.
    [Show full text]
  • Development of an Entry Level Course in Local Area Networks
    Session 2548 DEVELOPMENT OF AN ENTRY LEVEL COURSE IN LOCAL AREA NETWORKS Regina Nelson and Aldo Morales College of Engineering Penn State University at DuBois DuBois, PA 15801 Abstract An introductory course in local area networks (LANs) for Penn State University at DuBois Campus has been designed. This course is tailored for first and second-year electrical and computer engineering students as well as for students in programs such as electrical engineering technology, management information systems, and business administration. Course topics include computer hardware basics, the hardware compatibility list, network cards and protocols, media, network operating system characteristics and network administration. The course is hands-on oriented with a one- hour lecture two-hour lab per week. The course has been very successful and it has been adapted for a five-day continuing education course. I. Introduction It is becoming evident that a good knowledge of networking is critical for success in many kinds of computer-based work. Understanding enough to be able to troubleshoot network problems could become a significant bargaining chip in the job market of the 21st century. Consequently, we have designed an introductory course in local area networks for Penn State University at DuBois Campus. This introductory course in networking is an appropriate selection not only for first- and second-year electrical and computer engineering students but also for students in programs such as electrical engineering technology, management information systems, and business administration. Today most students are comfortable with Windows-based software and have at least some familiarity with e-mail and Internet. With interest as the only pre-requisite, this course is designed to take students from this basic level of comfort and familiarity to a higher level, namely familiarity and comfort with networking concepts and the supporting computer hardware.
    [Show full text]
  • Serial I/O Solutions
    Serial I/O Solutions IBM Serial I/O Multiport Boards deliver the performance and speed you need — at a very affordable price. These intelligent serial I/O boards use less than 1% system load so your server won’t slow down as you run more applications, attach more devices or service more users. Installation and set up take just a few minutes. Using the “autoinstall” feature on the supplied SuperSerial CD, your boards will automatically be detected, located and configured. This CD also includes all drivers, manuals, extensive install/diagnostic help and utilities. Multiport Boards are available in 8 and 16-port configurations. IBM Serial I/O Expandable Subsystems provide an easy, manageable and cost-effective way to attach up to 128 devices to one slot in your server. For local or clustered connections, mix and match any combination of DB-25 or RJ-45 connectors. If you want to connect a cluster of serial devices up to 3,500 feet from the server, use the Serial I/O Multiplexer Sets. Serial I/O Multiport Boards Benefits and Features y &RQQHFWV IURP RU SRUWV WR RQH VORW LQ \RXU VHUYHU y 6XSSRUWV VSHHGV XS WR .ESV SHU SRUW IXOO GXSOH[ y 2IIORDGV YLUWXDOO\ DOO VHULDO SURFHVVLQJ IURP WKH KRVW SST-16P DB board with 16 Port Connector Panel &38 The IBM PORT 8 or 16 SIO adapters with connection y YROWV PXOWLVWULNH VXUJH SURWHFWLRQ RQ HYHU\ SLQ capability for all existing RS232 serial devices for RI HYHU\ SRUW remote access, point-of-sale, automation, etc. These adapters are an intelligent serial IO interface card for y ,QFOXGHV IXOO PRGHP FRQWURO RQ DOO SRUWV 7;' PCI based workstations and Netfinity Servers.
    [Show full text]
  • Microsoft Windows Server 2012 R2 Benchmark
    CIS Microsoft Windows Server 2012 R2 Benchmark v2.2.0 - 04-28-2016 This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International Public License. The link to the license terms can be found at https://creativecommons.org/licenses/by-nc-sa/4.0/legalcode To further clarify the Creative Commons license related to CIS Benchmark content, you are authorized to copy and redistribute the content for use by you, within your organization and outside your organization for non-commercial purposes only, provided that (i) appropriate credit is given to CIS, (ii) a link to the license is provided. Additionally, if you remix, transform or build upon the CIS Benchmark(s), you may only distribute the modified materials if they are subject to the same license terms as the original Benchmark license and your derivative will no longer be a CIS Benchmark. Commercial use of CIS Benchmarks is subject to the prior approval of the Center for Internet Security. 1 | P a g e Table of Contents Overview ............................................................................................................................................................... 22 Intended Audience ........................................................................................................................................ 22 Consensus Guidance ..................................................................................................................................... 22 Typographical Conventions .....................................................................................................................
    [Show full text]