Which of the following is the best way to improve the confidentiality of remote connections to an enterprise's infrastructure?

Firewalls primarily serve as a barrier that monitors and controls incoming and outgoing network traffic based on predetermined security rules. While they are crucial for protecting networks from external threats, they do not inherently encrypt the data being transmitted, thus offering limited confidentiality for remote connections.

Extensive logging involves recording network activity and user actions, which can be useful for auditing and detecting breaches. However, logging itself does not provide any confidentiality or protection for the data being transmitted. It is more of a reactive measure rather than a preventative one.

Intrusion detection systems (IDS) are designed to detect and respond to potential security breaches within a network. While they play an important role in overall security, they do not enhance the confidentiality of data in transit. Instead, they focus on identifying and alerting administrators to threats after they occur.