Remote access servers provide a way for external hosts to gain access to internal resources, so their security is particularly important. In addition to permitting unauthorized access to resources, a compromised server could be used to eavesdrop on remote access communications and manipulate them, as well as to provide a “jumping off” point for attacking other hosts within the organization.
It is particularly important for organizations to ensure that remote access servers are kept fully patched and that they can only be managed from trusted hosts by authorized administrators. Organizations should also carefully consider the network placement of remote access servers; in most cases, a server should be placed at an organization’s network perimeter so that it acts as a single point of entry to the network and enforces the telework security policy before any remote access traffic is permitted into the organization’s internal networks.
- NIST Special Publication 800-46, at ES-2.