Secure Mobile VPN

Feedsee Mobility : Secure Mobile VPN : Smartphone support, authentication, and enhanced user experience

In 2007, Bluefire Mobile Security VPN provided an IPsec-compliant secure connection for data in transit, and was certified as RSA SecurID Ready with two-factor authentication technology from RSA, the Security Division of EMC, through the RSA Secured Partner Program. Bluefire's VPN was compliant with Federal Information Processing Standards 140-2 (FIPS 140-2), and operated across Wi-Fi, LAN, and cellular networks with no user intervention. The version included support for smartphones and X.509 certificates. Version 2.7 supported the Windows Mobile 5.0 Smartphone OS-based Cingular Blackjack, Cingular 3125, T-Mobile Dash, Motorola Q Pro, and Palm Treo 750. It also included RSA SecurID software token integration. Other features were automatic configuration of perfect forward secrecy (PFS) for use with Cisco gateways, installation of the VPN software to storage cards or device memory, import and export of connection profiles with the group password in an encrypted format, and proxy settings for the VPN network.

Securing a mobile Virtual Private Network (VPN) requires following best practices and implementing industry-standard protocols and measures. Here are some key standards and protocols:

  1. IPsec (Internet Protocol Security): A set of protocols developed by the IETF to support the secure exchange of packets at the IP layer. IPsec is often used for a traditional VPN where all traffic is routed through the VPN (full tunnel).
  2. SSL/TLS (Secure Sockets Layer/Transport Layer Security): These cryptographic protocols provide secure communication on the internet. Many VPNs use SSL/TLS in the form of OpenVPN or as part of an SSL VPN to secure browser-based VPN connections.
  3. IKEv2 (Internet Key Exchange version 2): A protocol that allows dynamic changing between networks (for example, between WiFi and mobile data) without dropping the VPN connection. This is particularly important for mobile VPNs where the network is likely to change as the user moves around.
  4. L2TP (Layer 2 Tunneling Protocol): Often combined with IPsec for increased security, this protocol creates a tunnel between two L2TP connection points and IPsec provides the encryption for the data flowing through the tunnel.
  5. WireGuard: A newer, open-source VPN protocol aiming to offer better performance and more simplicity than IPsec and OpenVPN. As of September 2021, it was gaining adoption and may become a new standard.
  6. Multi-Factor Authentication (MFA): This is another layer of security, confirming user identities by requiring multiple forms of verification. It's a crucial aspect of securing any VPN, mobile or not.
  7. Secure Password Policies and Procedures: Strong, unique passwords, along with regular updates, can drastically improve the security of any VPN network.
  8. Encryption Standards: Modern VPNs should use strong encryption standards like AES-256 to protect data.
  9. Kill Switch: This is a feature that automatically disconnects the device from the internet if the VPN connection drops, preventing data leaks.
  10. No-logs Policy: A strict no-logs policy ensures that the VPN provider does not store information about your online activity.
  11. DNS Leak Protection: This prevents DNS requests from being sent outside of the VPN tunnel.
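
The full-tunnel, kill-switch and DNS-leak items above can be checked mechanically in a client profile. The following is an added example, not code from the original page or from any VPN vendor: it audits a WireGuard `wg-quick` profile for those three properties. The sample profile, its addresses and hostname are constructed, and the kill-switch test is a heuristic that assumes an iptables-style blocking hook.

```python
import ipaddress

# Constructed sample wg-quick client profile; keys are placeholders.
SAMPLE = """\
[Interface]
PrivateKey = PLACEHOLDER_PRIVATE_KEY
Address = 10.8.0.2/32
[Peer]
PublicKey = PLACEHOLDER_PUBLIC_KEY
Endpoint = vpn.example.com:51820
AllowedIPs = 10.8.0.0/24
"""

def parse(text):
    """Return [(section, {key: [values]})]; keys such as PostUp may repeat."""
    sections = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("[") and line.endswith("]"):
            sections.append((line[1:-1].lower(), {}))
        elif "=" in line and sections:
            key, value = (part.strip() for part in line.split("=", 1))
            sections[-1][1].setdefault(key.lower(), []).append(value)
    return sections

def audit(text):
    """Return findings for the three checks; an empty list means all passed."""
    iface, nets = {}, []
    for name, kv in parse(text):
        if name == "interface":
            iface = kv
        elif name == "peer":
            for value in kv.get("allowedips", []):
                nets += [ipaddress.ip_network(n.strip(), strict=False)
                         for n in value.split(",") if n.strip()]
    findings = []
    for version in (4, 6):
        if not any(n.version == version and n.prefixlen == 0 for n in nets):
            findings.append(f"split-tunnel: no IPv{version} default route in AllowedIPs")
    if not iface.get("dns"):
        findings.append("dns-leak: no DNS server set in [Interface]")
    hooks = iface.get("preup", []) + iface.get("postup", [])
    # Heuristic (assumption): a hook that REJECTs/DROPs traffic not leaving via %i.
    if not any("! -o %i" in h and ("REJECT" in h or "DROP" in h) for h in hooks):
        findings.append("kill-switch: no blocking firewall hook in PreUp/PostUp")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)) or "no findings")
```

The sample produces all four findings; setting `AllowedIPs = 0.0.0.0/0, ::/0`, adding a `DNS =` entry, and adding a blocking `PostUp` firewall rule clears them. The hook check applies to `wg-quick` on Linux; on Android the equivalent kill switch is the OS-level "Always-on VPN" with "Block connections without VPN" setting rather than anything in the profile.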