Information technology -- Security techniques -- IT network security -- Part 5: Securing communications across networks using virtual private networks
This standard has been revised by ISO/IEC 27033-5:2013.
ISO/IEC 18028-5:2006 provides detailed guidance on the security aspects of the management, operation and use of IT networks, and their inter-connections.
ISO/IEC 18028-5:2006 defines techniques for securing inter-network connections that are established using virtual private networks (VPNs). It is relevant to all personnel who are involved in the detailed planning, design and implementation of VPN security (for example IT network managers, administrators, engineers, and IT network security officers).
The general objectives of ISO/IEC 18028 are to extend the security management guidelines provided in ISO/IEC TR 13335 and ISO/IEC 17799, by detailing the specific operations and mechanisms needed to implement network security controls in a wider range of network environments, providing a bridge between general IT security management issues and network security technical implementations.
The objective of ISO/IEC 18028-5:2006 is to provide support service to different organizations, IT network managers, administrators, technicians, and IT security officers in choosing the appropriate virtual private network solution.
ISO/IEC 18028-5:2006 describes general principals of organization, structure, framework and usage of a virtual private IT networks (VPN). It discusses functional area, used standards and network protocols, the various different types of VPN, their respective requirements, characteristics, and other aspects.