Do we need a VPN?

2

We are looking at setting up a server for our university research group (small group of 5 people). The server is eventually going to be gathering and storing data from a number of our project partners in external locations. The current plan is to setup a linux server running MySQL.

Our sysadmin is very worried about system security and is suggesting we set it up as a VPN server (we will have to do most of the work setting it up).

Our original option was to run a LAMP stack (our sysadmin is highly opposed to this solution). Another option was to access the database through a locally run java program that listens on a specified port.

A colleague of mine wishes to eventually do some distributed computing (using java) through the server and feels he may be restricted by the VPN. However, I found this article: https://stackoverflow.com/questions/14706962/initiating-a-vpn-connection-programatically-on-linux-via-java-or-shell-script and this: https://stackoverflow.com/questions/5680006/a-java-based-vpn , does this mean he could run his client programs on external computers and they would automatically connect to the VPN without any special software? The computers would be university computers where we are unable to install or run anything requiring administrator rights.

Do we really need a VPN? Is a LAMP stack really so insecure (when running through https)? We are not from a computing faculty but we do know how to to use prepared statements and avoid SQL injection. We would like to run the LAMP stack as we have already created some nice web interfaces that could be used by project partners in the future when they wish to look at their own data and the results we have obtained.

So my questions are:

  • Can we run distributed computing, using java, through a VPN without any special software or administration?

  • Is a LAMP stack using https so much less secure than a VPN? Could we access a LAMP stack through a VPN using a standard web browser without external software?

  • Is there another better solution that we haven't thought of?

Thanks in advance for your help!

Wilhelm

Posted 2014-04-07T07:45:09.993

Reputation: 23

Answers

0

  • To deploy LAMP or any Web solution more securely, deploy it on a non familiar port.
  • Employ authentication before data transmission for security.
  • Hash certain unique parameters and send the hash value to be crossed checked for data validity & integrity.
  • Read and perform a system lock down for security.
  • LAMP implemented properly can be secure enough.
  • Isolate your server from the rest of the network by creating a separate VLAN.

athar13

Posted 2014-04-07T07:45:09.993

Reputation: 151

Asked: 2014-04-07T07:45:09.993

Viewed: 169 times

Active: 2014-04-07T09:48:56.547