Re: Looking for some ideas on VPN and Dial Up Users and Virus protection.

["Peter Van Eeckhoutte" <peter.ve () pandora be>]

Nortel has a feature called Tunnel Guard,
It is a tool, installed on the VPN box, which will make sure certain apps
run on the client :
It can check for a personal firewall, AV (including checking for
definitions)
Also, it would make sense not to allow your users to change the firewall
ruleset,
and enforcing the internet traffic to go through the company proxy server
 by blocking all incoming and outgoing traffic on the client computer
(except for dns and the VPN tunnel itself)
Of course, the firewall client needs to be aware of the type of
connection... CyberArmor has that option - and can be centrally managed,
but I'm sure there are other products that can do the same
----- Original Message ----- 
From: "Sutton, David" <David.Sutton () ps net>
To: <security-basics () securityfocus com>
Sent: Friday, September 26, 2003 7:35 PM
Subject: Looking for some ideas on VPN and Dial Up Users and Virus
protection.


> Hello all,
>
> I am looking for some ideas and or suggestions on ways to help protect a
> network from VPN and Dial up users.  What I am looking for is something
that
> once they make a connection would scan their PC for known virus and or
other
> issues that might cause problems if spread.
>
> Is there a server that you can put in that VPN and Dial up users would
have
> to access 1st, like a proxy, that would check their system and if
something
> was found would close out the connection right away?
>
> Thanks for any information....
>
> David
>
> --------------------------------------------------------------------------
-
> --------------------------------------------------------------------------
--
>



---------------------------------------------------------------------------
----------------------------------------------------------------------------