VPN | AWS | Fluid Attacks Help

VPN

Rationale

VPN (Virtual Private Network) is the cloud-based solution for virtual private networks we use. The main reasons why we chose it over other alternatives are the following:

Alternatives

  • On-premise router: Before using VPN, we used to connect all our client virtual networks to our MedellĂ­n office router. Such approach had several disadvantages, being lack of accessibility, scalability and reproducibility some of the biggest.
  • OpenVPN Cloud: It is a SaaS VPN solution. It didn't have a Terraform module, which impacted reproducibility and traceability. Overall complexity was also higher as it required to integrate our AWS VPC using stateful EC2 runners, plus also connecting all our client endpoints to it.

Usage

We use VPN for

  • Using AWS Batch to connect to our client private networks in order to access their source code repositories.
  • Allowing hackers to connect to our client private environments for executing DAST.
  • Allowing developers to connect to our AWS VPC for debugging and development purposes.

Guidelines

Accessing the VPN

You can connect to the VPN and gain access to our AWS VPC and client private networks. In order to do so, you need to:

  1. From the portal:
    • Download the VPN client configuration.
    • Download and install the AWS Client VPN for your Operating System.
  2. Open the AWS Client VPN and import the downloaded configuration.
  3. Connect to the VPN.
Message about the free trial
Free trial
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.