Implementasi Jaringan VPN untuk Mengurangi Biaya Komunikasi Menggunakan Metode EoIP Over PPTP: Studi Kasus House Printing

Perusahaan di bidang percetakan masih sangat dibutuhkan, meski dunia digital kini semakin berkembang pesat. Banyak korporasi masih membutuhkan media cetak sebagai penunjang untuk memenuhi kebutuhan perusahaan. House Printing adalah salah satu perusahaan di bidang percetakan yang masih berkembang, dengan perkembangan teknologi saat ini kebutuhan akses data tidak cukup dibebankan dengan akses lokal saja, sehingga dibutuhkannya struktur jaringan yang mampu mengakses data lebih cepat meski dengan jarak jauh sekalipun. Selain itu, koneksi jaringan yang dibutuhkanpun tidak ingin terpaku oleh salah satu provider saja. Sebagai perusahaan industri kreatif yang sedang berkembang dengan mengikuti perkembangan teknologi yang ada, House Printing memiliki tanggung jawab penuh untuk memberi layanan terbaiknya kepada para pelanggannya. Tidak hanya sekedar meliputi produk atau jasa yang ditawarkan, akan tetapi berkaitan dengan akses data dari kantor cabang ke kantor pusat atau sebaliknya. Terlebih dengan kondisi pandemic yang tak kunjung usai, yang mengharuskan karyawan bekerja dari rumah. Dengan file grafis yang memiliki ukuran kapasitas yang cukup besar, sangat menghambat kinerja perusahaan jika hanya transfer data melalui email saja. Selain itu menjadikan pelayanan perusahaan tidak efektif dan kurang memuaskan bagi pelanggan apabila terdapat gangguan jaringan dll, karena tidak dapat akses ke kantor pusat. Dengan menyesuaikan kondisi perusahaan dan kebutuhan dukungan jaringan pada perusahaan, salah satu opsi penyelesaian masalah untuk transfer data agar lebih mudah adalah dengan menggunakan metode VPN atau dengan menggunakan metode Cloud Storage. VPN atau yang disebut juga Virtual Private Network merupakan salah satu alternatif pengaman data yang bersifat privat yang memungkinkan penggunaannya untuk perusahaan berkembang dengan efisiensi biaya untuk perusahaan.

Applying Spring Security Framework with KeyCloak-based OAuth2 to Protect Microservice Architecture APIs for a Health eCoach System: A Proof-of-Concept Study (Preprint)

UNSTRUCTURED The Internet of Medical Things (IoMT) combines medical devices and applications connected to healthcare information technology systems using network technologies. With the flourishing adaptation rate of Internet-enabled medical devices in healthcare applications, we need to guarantee the security and privacy of electronic health records (EHRs) and communications among these IoMT devices, exposed web services, and the underlying infrastructure. This research is a proof-of-concept (PoC) study for implementing an integrated security solution with Spring Security and KeyCloak open-access platform (SSK) to safeguard microservice architecture application programming interfaces (APIs). Subsequently, we extended the security solution with a virtual private network (VPN), Bcrypt hash, API key, network firewall, and secure socket layer (SSL) to build up a digital infrastructure following the Norwegian data protection policies and General Data Protection Regulation (GDPR). In this study, we have not proposed any new security solution; however, we have focused on accomplishing a hybrid security solution based on the established frameworks (e.g., Spring Security) and open-access software product (e.g., Keycloak) to protect microservice APIs for a health eCoach system as a PoC study. This study describes the methodological, technical, and practical considerations to protect REST interfaces only and ensuring the privacy of data in the system. We validate our SSK security implementation by theoretical evaluation and experimental testing. In addition, we compare the test results with related studies qualitatively to determine the effectiveness of the hybrid security solution (SSK).

A Survey on the Implementation and Management of Secure Virtual Private Networks (VPNs) and Virtual LANs (VLANs) in Static and Mobile Scenarios

Nowadays, the demand for connection between the remote offices of a company, or between research locations, and constantly increasing work mobility (partly due to the current pandemic emergency) have grown hand in hand with the quality and speed of broadband connections. The logical consequence of this scenario is the increasingly widespread use of Virtual Private Network (VPN) connections. They allow one to securely connect the two ends of a connection via a dedicated network, typically using the Internet and reducing the costs of Content Delivery Network (CDN) lines (dedicated connections). At the same time, Virtual Local Area Networks (VLANs) are able to decrease the impact of some scalability issues of large networks. Given the background above, this paper is focused on overviewing and surveying the main progresses related to VPNs and VLANs in wireless networks, by collecting the most important contributions in this area and describing how they can be implemented. We state that security issues in VLANs can be effectively mitigated through the combination of good network-management practices, effective network design and the application of advanced security products. However, obviously, the implementation of VPNs and VLANs poses specific issues regarding information and network security; thus some good solutions are also surveyed.

Analysis of network security organization based on SD-WAN technology

A Software-Defined Network (SDN) on a Wide Area Network (WAN) is a computer network that is controlled and created by software. SD-WAN is an emerging research area that has received a lot of attention from industry and government. This technology offers tremendous opportunities to support the creation of consolidated data centers and secure networks. This is an innovation that allows the network to be monitored and programmed so that it can respond to network events caused by security breaches. This solution provides network security, offers a single network management console, and provides complete control over the network architecture. Also controls security in the cloud software-defined infrastructure (SDI), such as dynamically changing the network configuration when forwarding packets, blocking, redirecting, changing Media Access Control (MAC) or Internet Protocol (IP) addresses, limiting the packet flow rate etc. Using SD-WAN technology, it is possible to reduce the cost of dedicated bandwidth channels, achieve a high-quality Virtual Private Network (VPN), and the ability to automatically select a channel for certain channels. The main advantages of SD-WAN are the management of an unlimited number of devices from a single center, reducing the cost of deploying branch infrastructure. According to the results of the survey, 7 % of respondents use SD-WAN for security solutions, 14% at the piloting stage. As a result of the research, it was revealed that by 2024, to increase the flexibility and support of cloud applications, more than 60 % of SD-WAN customers will implement the SASE (Secure Access Service Edge) architecture, which is 30% more than in 2020 and the main concept - application security and cloud functions. Keywords: OpenFlow, Software defined wide area network (SD-WAN), architecture, DDoS attack, WAN network

ANALISIS KEAMANAN VOICE OVER INTERNET PROTOCOL (VOIP) OVER VIRTUAL PRIVATE NETWORK (VPN)

This research was conducted on the basis of the influence of security systems that play a role in encrypting data on VoIP communication systems, with the security technology of PPTP VPN computer networks with the system passing data in a virtual private ip or as a tunnel for secure data transmission media. The results obtained from security analysis for the implementation of security methods on PPTP VPNs, then the data to help developers in terms of building a secure VoIP communication system. Basiclly ZRTP uses the Diffie-Hellman key exchange as a key exchange of communication between clients, which is the key for communication between clients using hashes from Diffie-Hellman and is done peer-to-peer through the VOIP RTP package, while the Point-to-Point Tunneling Protocol (PPTP) is a network protocol that allows the secure transmission of data from the remote client to the server by creating a virtual private network (VPN) through a network of data. TCP/IP or UDP is dedicated to encryption and creates RTP tunnel transport on VoIP communication systems. VoIP communication system research is conducted using 2 security methods, namely VoIP VPN PPTP, VoIP ZRTP, with the aim to find out the results of VoIP communication testing using PPTP and ZRTP VPN security methods if an attack occurs during VoIP communication

A Great Approach for Medium Size Hospital Network Infrastructure Architecture

To get first-hand experience for setting up a network infrastructure in a medium size hospital to manage the patient’s services, check-ups, follow-up plans from different parts of the hospital primes and store the data into the secured and safe manner in the database and use the data whenever required from the management team for their references. The network architecture based on the concept of the Three- layer network architecture combination of Mesh topology & Bus topology taking into the consideration of the primary data security, remote access to the network, size of the hospital organization, cost-effective, user-friendly and most importantly scalability required in the network architecture for future changes based on the size of the database, utilization of applications remotely, and for security of the data, changing technology etc. The goal of any network architecture is to protect the DATA from any attacks both internally and externally. For internal DATA security it is protected through various user permissions in different layers in the network for the end users. For Outside threat VPN tunnel, Policies, traffic filtering configured at the firewall level. Keywords: HIS-Hospital Information System, VPN- virtual private network tunnel, VLAN- Virtual LAN, HL7- Health Level Seven International, L3- Layer 3, ISP- Internet service provider

SafeSearch: Obfuscated VPN Server using Raspberry Pi for Secure Network

Virtual Private Network (VPN) is a private network that uses public network to tunnel the connection from the users’ end to the VPN server. VPN allows users to create a secure connection to another network over the public Internet. VPNs can be used to shield users’ browsing activity and encrypts data transmitted over the network to prevent sniffing attack. Nowadays, users can either pay a premium price for a good VPN service or risk their privacy using free browser-based VPN. Thus, SafeSearch is developed to address these issues in mind. With SafeSearch, users will not need to fork out a lot of money for premium VPN subscription services or expose themselves to targeted advertising when utilising free browser-based VPN. In this study, open VPN protocol was used to create the VPN server on a microcomputer called Raspberry Pi. The software used was mostly open-source except for the VPN client. Obfuscation technique was used to hide VPN traffic by disguising it as just another normal Internet traffic against Deep Packet Inspection when passing through firewall. After the VPN server was established, tests were carried out to evaluate the functionality and reliability of the VPN server in “real-world” environment. The tests conducted were network restriction penetration assessment, network performance and user acceptance test. Penetration assessment result showed that SafeSearch is capable of bypassing web filtering and deep packet inspection. Network performance during SafeSearch connection has slight latency and bandwidth decline, although it is not overly affected. The outcome of the user acceptance test was positive as the majority of participants of the study were confident that SafeSearch can secure their connection and protect their privacy when browsing the web. To conclude, both objectives of this project were fully achieved and the scope of study was followed thoroughly.