of the top twenty-five vulnerabilities that are currently being targeted by Chinese attackers. The list covers a wide variety of different software and vulnerabilities, but right at the top is a VPN vulnerability. Topping the NSA\u2019s list is a vulnerability in the Pulse Secure VPN. A specially designed malicious request can allow an attacker to read files on the server. This file read can be used to expose keys, passwords, or other sensitive information.<\/span><\/p>\nIf an attacker can exploit the Pulse Secure vulnerability (or any VPN vulnerability), there is a chance that they can compromise a user account or bypass the authentication on a VPN. If so, they can take advantage of the VPN\u2019s intended functionality: to allow remote access to the enterprise network.<\/span><\/p>\nReplacing VPNs with a Modern WAN Solution<\/b><\/h3>\n VPNs have a number of different issues. A major problem with VPNs is that they were designed for a network infrastructure that no longer exists; one where the majority of an organization\u2019s users and resources were located on the corporate LAN. As resources and users move to the cloud and telework, attempting to use VPNs for the corporate WAN creates significant issues with network latency and performance.<\/span><\/p>\nThis is in addition to the security issues associated with a VPN-based WAN. VPN vulnerabilities are common, yet many organizations lag behind on their vulnerabilities management programs. This combination places these companies at risk of attack.<\/span><\/p>\nThe use of a modern WAN solution, like SASE, helps to eliminate these VPN-specific issues. SASE offers a number of different features that VPNs lack, such as:<\/span><\/p>\n\nIntegrated Security:<\/b> A SASE point of presence (PoP) includes a fully integrated security stack. This enables it to provide the same level of security as routing traffic through the headquarters network without relying on centralized security infrastructure.<\/span><\/li>\nNetwork Optimization:<\/b> SASE PoPs integrate software-defined WAN (SD-WAN) functionality that enables optimal traffic routing between SASE PoPs. This optimized routing minimizes the latency of the SASE network.<\/span><\/li>\nLocation Independence:<\/b> Many VPNs are implemented as physical appliances deployed on the corporate LAN. SASE PoPs are located in the cloud, enabling them to be deployed geographically near common traffic sources and destinations (cloud infrastructure, remote users, etc.). This minimizes the latency incurred by users due to their use of the SASE-based WAN.<\/span><\/li>\n<\/ul>\nThese features enable SASE to provide superior network performance and security compared to VPNs. However, the design of SASE also means that it is easy to implement it as a managed offering. This enables organizations to hand over responsibility for maintenance, eliminating the risk associated with managing the vulnerabilities that are so common with VPN solutions.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"Virtual private networks (VPNs) are a commonly-used remote access solution. However, this does not mean that they are a good or secure one. VPNs are prone to vulnerabilities, and cybercriminals take advantage of this fact. The insecurity of VPNs, combined with their other shortcomings, is a good reason to consider upgrading to a VPN alternative. <\/p>\n","protected":false},"author":1,"featured_media":11075,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_jetpack_memberships_contains_paid_content":false,"jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false}}},"categories":[12892],"tags":[13267,14332],"jetpack_publicize_connections":[],"yoast_head":"\n
VPN Vulnerability Most Targeted By Chinese Hackers<\/title>\n \n \n \n \n \n \n \n \n \n \n \n \n\t \n\t \n\t \n \n \n \n \n \n\t \n\t \n\t \n