User Guide - Protecting your users and your network using Cyber Shield

Overview

In this document, we examine OpenVPN Cloud being used to meet the needs of a fictitious scenario. Owen is in charge of IT and Networking for a technical college. Owen is looking for a solution that does not require him to manage, install, and maintain servers to achieve the following:

  • Provide staff and students remote access to the college’s campus network
  • Ensure that the remote users follow the college’s policies on appropriate content and activities while accessing the campus network
  • Keep the network safe from internet threats because research labs and students operate outside of strict IT security policies

Setup

Owen completed the signup process as shown here. Owen then followed the steps shown below to meet his objectives:

  1. Configured a Network to represent the college’s campus network and entered the IP subnets belonging to the campus network as the Subnets for the Network. See How to add a Network.
  2. Clicked the Deploy button next to the Connector created for the Network to reveal the deployment options and selected Operating Systems - Linux from the options list. He then installed the Connector on a computer running Debian that is connected to the campus network. See Installing Linux Connector.
  3. To prevent staff and students from accessing malicious websites while connected to the college’s network, and to follow the college’s internet use policies, Owen turned the domain filter Monitoring ON. Next, he blocked access to such websites by editing the domain filtering configuration, choosing the Custom block preset, and selecting all categories under Hacking and Cracking and under Malicious content. See Configuring Cyber Shield Domain Filtering | OpenVPN Cloud. Owen added certain research website domain names to the Allow List so that those domains would always be accessible even if they could fall under the Adult Content category. He also added specific domain names that led to heavy bandwidth usage to the Block List.
  4. To prevent threats from Malware, Ransomware, and Intrusion Activity from or to remote users’ devices, Owen turned ON Cyber Shield Traffic Filtering and selected the Malware and Ransomware, Intrusion Activity categories to be blocked. See Configuring Cyber Shield Traffic Filtering For Blocking Threats | OpenVPN Cloud.
  5. Owen logged into the OpenVPN Cloud Administration Portal at least once a week to look at the Cyber Shield statistics. One day he noticed a spike in the blocked malware traffic and decided to investigate. He turned on Investigation Mode and drilled down to find the device generating traffic identified as a worm. The IP address belonged to a computer in an R&D lab. Owen notified the lab owner to take corrective action. See the Analysis and Investigation section of Cyber Shield.