ORGANIZATIONAL STRUCTURE OF TECHNICAL PROTECTION OF INFORMATION AT THE NETWORK LEVEL USING VPN TECHNOLOGY

Recently, connecting employees to the company's internal network remotely through public resources has become widespread among small and medium-sized companies. In this case, the issue of information protection has become acute since a certain share of information may circulate through an unprotected network. At the moment, VPN technology is widely used, which has many options for implementing networks for different purposes of use. Among the variety of implementations, this research has chosen the construction of a VPN network based on Cisco equipment as an object to research. This approach has been chosen because of the prevalence and availability of equipment, and the availability of a simulator to design, set up and test the network. The organization structure has been described, in which employees can work both inside and outside the corporate network. At the same time, each of the employees is supposed to have equal opportunities to connect to servers securely and work with data related to the organization's activities. Accordingly, for the employees who work remotely, the issue of information security is specifically acute. Therefore, the authors propose a network model, which consists of three zones: the main office, the remote worker's workplace, and a segment with servers located in the demilitarized zone (DMZ). The demilitarized zone provides an additional level of security for the local network, which minimizes damage in the event of an attack on one of the publicly available services: an external attacker has direct access only to the equipment in the DMZ. The VPN technology will be deployed as a means of protecting the connection of employees to servers with the organization's data. The network hardware is selected. Cisco 2811 router, which is used to cover the needs of small organizations (up to 36 workplaces), was chosen to combine all segments into one network. Practical implementation of the VPN technology settings in the presented distributed network of the organization has been conducted. The computer network was simulated in the Cisco Packet Tracer environment. As a result of fulfilling the assigned tasks, security policies were implemented in the network based on the use of Cisco VPN technology. This tool made it possible to organize a secure VPN channel for connections from within the organization's network, which, in turn, allows a remote employee to access the organization's servers and data. The results of this work can be used by the companies or individual users who plan to integrate the VPN architecture, based on Cisco equipment, into their network infrastructure.