I've just been assigned the duties of performing risk assessment for my organization that will include me having to develop and write security policies. Currently, I'm researching security policy as it pertains to VPN.
This policy should address organizational site-to-site as well as organizational client-to-site connectivity. Is there any good VPN security policy reference material that could possibility help in facilitating my research?
First, I should note that risk assessment and policy development are two separate activities.
With regard to VPN security policies, below are a few links for you. Some are specific to VPNs and others are more general security policy references.http://www.symantec.com/symadvantage/014/vpn.html
This was first published in July 2003