Securing VPN Loopholes
The securepush VPN solution easily integrates with your existing VPN system, enabling you to seamlessly close loopholes that threaten your VPN security. Some of the most common security loopholes inherent to the way VPNs are implemented and used:
- VPN connections fall short of providing real end-to-end protection
- weak user authentication mechanism (username/password)
- Users’ tendency to leave their VPN connection open for a long time, exposing it to threats
Reliable VPN user authentication is critical since the VPN practically connects the end user to the internal network or private cloud, thereby exposing organizational resources to endless hostile cyber threats.
How Securepush Online works
Installing the SecurePush proxy server between the organization’s VPN machine and the Active Directory or RADIUS server (that holds all the users login/security policies) provides the perfect solution for user authentication in VPN environments by adding biometric multi-factor authentication via the user’s cellular device.
Enhanced Corporate Security
The SecurePush VPN technology dramatically enhances the security level of organizational IT infrastructures, and enables other unique features for VPN users, such as:
- AD/RADIUS Automatic Users Import: for easy configuration and management of the SecurePush proxy server. It can automatically import existing users from the organization’s Active Directory or RADIUS server, based on group policies.
- Built-In User Management: SecurePush can operate independently of any AD/RADIUS server through its built-in user management capability. It can even manage VPN users autonomously when there is no AD/RADIUS server available.
- Geolocation-Based VPN Access: SecurePush lets organizations set a geolocating rule, which may comprise a third factor in the VPN user authentication process. This feature enables to limit the geographic range for the user’s VPN access. For example, it may apply a policy to prevent VPN users from accessing the network from any location outside the country.
- Biometric-Based Authentication: SecurePush includes an optional facial recognition capability and supports fingerprint identification that can be employed in the VPN authentication process, thus further protecting the VPN access process.
- Supervisor Authorizations: can be used for applying a policy that requires a second person’s authorization to establish VPN connections. This may be useful, for example, when enforcing a manager’s authorization, to allow singular remote access to the intranet. In this case, both the user and designated manager must confirm the VPN access.