OpenVPN Security Advisory: Dec 14, 2018
Action needed: Important update for OpenVPN Access Server

OpenVPN Update Creates Secure Network Connection for Remote Employees

With Access Server 2.6.1, remote workers can access their employer’s network more securely using secure LDAP

PLEASANTON, CA, Dec. 14th,  2018 - Today, OpenVPN, a leading open source VPN protocol, announced it is updating its access server to provide support for user authentication using secure Lightweight Directory Access Protocol (LDAP). This update, known as AS 2.6.1, will give remote users a more secure way to access their employers’ networks.

“When you work on-premise, your network can monitor and restrict access to certain sites to protect the itself from risk,” says Francis Dinha, CEO of OpenVPN. “Employees working remotely don’t have that protection unless they have virtual access to their company’s network. Through secure LDAP, AS 2.6.1 will give companies more secure flexibility as they expand and scale their business.”

This move comes in response to increasingly more companies employing remote workforces. According to Upwork’s 2018 Future Workforce Report, 38% of permanent employees will likely be working remotely by 2027. And although most business leaders agree that the risk of a data breach increases when employees work remotely, more than half of all businesses still do not have a unified work-from-home policy.

With the support of secure LDAP, this update allows remote users to securely query external directories or Identity as a Service (IDaaS) providers through Access Server. OpenVPN, in partnership with Google, has enabled Cloud Identity to serve as the single identity and access management platform for SaaS and VPN access authentication and authorization, bringing users a more secure and smooth overall experience.

“We're happy to offer our customers the ability to securely connect to Google's Cloud Identity service,” says Johan Draaisma, Access Server Feature Lead at OpenVPN. “This will be beneficial for people who want to access infrastructure and services using a single identity management platform. In addition, we’ve implemented a number of general bug fixes and improvements, including an update for the licensing system that will increase security and allow for more flexible licensing options in the future. Improvements like these, which are now available in AS 2.6.1, will ensure that our customers get the best product experience possible.”

Other updates to AS 2.6.1 include an adjustment to the data compression default setting from “ON” to “OFF” so users are better protected from the recent VORACLE vulnerability while still having the option of data compression if needed. The latest OpenVPN Connect clients are also bundled in this update, which will make for a more robust and convenient user experience.

“Our goal is always to provide easier access and increasingly secure solutions for businesses as they scale and adjust their workforce,” says Rohit Kalbag, Senior Product Manager at OpenVPN. “We’re always striving to improve — and we’re looking forward to seeing users utilize this latest update.”

For more information, contact press@openvpn.net

Media Contact:
NAME: Nineveh Madsen
EMAIL: press@openvpn.net

 

Share