Security Basics mailing list archives

Re: Laptop Endpoint Security

From: aditya mukadam <aditya.mukadam () gmail com>
Date: Fri, 22 May 2009 11:14:43 +0530

Hello John,

As I understand ( correct me if wrong), you want to define policy for
laptops and needs a software which can verify  if the laptop meets the
defined policy  (if used) for internet.

If above is correct, Network  Access Control (NAC) is the right
solution for your requirement.

Take a look at below products. I would 'personally' recommend Juniper
NAC as it has lot of features and options etc as compared to the rest.
 Again, all depends on your requirement, budget etc

Juniper NAC
Cisco NAC
Cisco Clean Access
Symantec NAC ( sygate)

Let me know if you have any questions.

Thanks,
Aditya Govind Mukadam
http://www.linkedin.com/in/adityamukadam

On Wed, May 20, 2009 at 1:01 PM, John Drakes <tornado579 () gmail com> wrote:

Hi All,

Our company was evaluating Websense Remote filtering tool for our
laptop users so that we can enforce the Internet security policy on
the laptops.
But while doing Risk assessment it was noticed that if the hacker is
able to compromise the Websense Remote Filtering server in the DMZ he
may try to get into the internal LAN since the direct connection is
established between DMZ machine and the internal server for doing user
based filtering with the help of Active Directory.This is a risk.

I wanted your suggestions on the following:

1. What are the other products which can be evaluated for internet filtering?

2. What are the chances of the above risk materializing ?

3. Any other best practices you can suggest?


Thanks in advance.

------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most 
concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. 
Gain a laser like insight into what is covered on the exam, with zero fluff!

http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most 
concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain 
a laser like insight into what is covered on the exam, with zero fluff!

http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
------------------------------------------------------------------------

Current thread:

Laptop Endpoint Security John Drakes (May 20)
- Re: Laptop Endpoint Security Nikhil Wagholikar (May 21)
- Re: Laptop Endpoint Security aditya mukadam (May 22)
  - RE: Laptop Endpoint Security Ravi (May 28)
- <Possible follow-ups>
- Re: Laptop Endpoint Security admin (May 28)