For VPN connections that use L2TP over IPSec is there any stronger encryption that can be used (or required) other than DES / 3DES encryption?
There are new encryption algorithms being developed, but 3DES is probably sufficient for you now, especially if you change the session keys regularly (e.g., every few hours or so).
The more critical component of security is authentication. It's surprising how many folks will encrypt using 3DES but still use shared secrets or PAP for authentication. I recommend either secure tokens or digital certificates. Authentication and encryption go hand-in-hand to provide the best security.
Dig Deeper on Network Security Best Practices and Products
Related Q&A from Retired Expert - Mark Tuomenoksa
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.