Information technology -- Security techniques -- IT network security -- Part 4: Securing remote access
The general objectives of ISO/IEC 18028 are to extend the IT security management guidelines provided in ISO/IEC TR 13335 by detailing the specific operations and mechanisms needed to implement network security safeguards and controls in a wider range of network environments, providing a bridge between general IT security management issues and network security technical implementations.
ISO/IEC 18028-4:2005 provides guidance for securely using remote access - a method to remotely connect a computer either to another computer or to a network using public networks - and its implication for IT security. In this it introduces the different types of remote access including the protocols in use, discusses the authentication issues related to remote access and provides support when setting up remote access securely. It is intended to help network administrators and technicians who plan to make use of this kind of connection or who already have it in use and need advice on how to set it up securely and operate it securely.