Security Basics mailing list archives
RE: Forcing a vpn connection anytime internet connectivity is detected outside a corporate lan
From: "Ross Goodall" <RGoodall () smith-nixon com>
Date: Mon, 2 Jun 2008 16:06:42 -0400
We use Surf Control (recently bought out by WebSense) for Internet filtering. There is an optional mobile component which we have installed on all of our laptops which kicks in when the mobile users are not connected to the local network. It's a local install which also needs a server on the back-end to provide the filtering. Any HTTP request from one of our laptops in the field therefore goes through our mobile internet filter. When the user is back in the office, the mobile component 'sleeps' and the normal proxy filtering kicks in. http://www.websense.com/global/en/ProductsServices/modules/remotefilteri ng.php Ross Goodall Smith Nixon LLP T: 416.361.1622 ext: 313 | F: 416.367.1238 | 1900 - 390 Bay Street | Toronto, Ontario M5H 2Y2 | www.smith-nixon.com ________________________________ The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from your computer. ________________________________ -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Charles Hardin Sent: Monday, June 02, 2008 2:18 PM To: security-basics Subject: Forcing a vpn connection anytime internet connectivity is detected outside a corporate lan Hello list, Does anyone have a solution for the following issue we seem to be facing at my place of employment. We use barracuda web filter's to control web content at all of our sites and this works pretty well. What we seem to be having is our laptop users are breaking the usage policy and porn surfing at night from hotels and their house, then introducing it to their file shares while they are in the office. The VPN we use is a cisco pix tied to a raidus server. The main site they connect to is on a metro e so head end bandwidth is not a primary concern but a possible secondary concern. What we would like to do is force the laptops into a vpn connection any time the laptop detects the internet and is not on the corporate lan and then tunnel their web traffic thru our webfilters. We have spare public ips so they could in theory ping this to determine if they are in or out of our network. Any ideas? Charles Hardin
Current thread:
- Forcing a vpn connection anytime internet connectivity is detected outside a corporate lan Charles Hardin (Jun 02)
- RE: Forcing a vpn connection anytime internet connectivity is detected outside a corporate lan Ross Goodall (Jun 02)
- RE: Forcing a vpn connection anytime internet connectivity is detected outside a corporate lan Christian Campbell (Jun 04)