Increasingly, illicit activity in the domain of the agency has moved online to both the Public internet and Dark Web. The agency has a critical need to protect user identities and assume a low profile while conducting law enforcement investigations. Additionally, it needed the ability to utilize multiple tools beyond just the basic internet browser, as well as use software like Tor to access the Dark Web. The agency needed these VPNs to be “always on” to prevent inadvertent user error or exposure of agency assets.
The agency also needed a “dedicated egress node” that it could manage the geo-location of, as well as how frequently the IP address was rotated. The agency’s objective was to utilize the dedicated (and static nature) of the egress node to establish persistent and tailored online personas. This capability also assists with access to restricted forums and websites logging IP address as an authentication/identification method.
Conceal deployed OpenVPN clients and certificates to ~45 terminals within the Agency.
Conceal developed a script to ensure that if the agency’s machines were “On” that the OpenVPN capability would always auto-connect and remain up, in order to mitigate any potential exposure of the agency’s personnel/assets. Conceal deployed a dedicated egress node made available only to the agency customer.
The customer has the ability to move geographic location of that egress node up to 12 times per year as well as rotate the IP address on an ad-hoc basis.
Value Add / Solution
- Complete misattribution and privacy for the agency personnel operating on the internet.
- Zero reported instances of malware or compromise of agency machines/networks utilizing the product.
- The ability to utilize multiple desktop tools and the command line including the Tor Browser for Dark Web access.
- Dedicated egress node enables the customer to access previously restricted websites and makes it significantly less difficult to maintain online personas.
- Rapid deployment and stand up of users (~1 day)