Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Looking for some ideas on VPN and Dial Up Users and Virus protect ion.

From: c_brauckmiller () LEK COM
Date: Mon, 29 Sep 2003 12:04:45 -0400


We looked into this.

The only real solution we found was Integrity Desktop and Policy Server from
ZoneLabs.

It completely integrates with the Cisco VPN 3000 gear and can require specific
versions and DAT levels on the AV sofware as well as enforcing firewall
policies.

If they fail any part of the check, they can be redirected to a website so that
they can download the latest DAT files, etc.  Once they pass the tests, then and
only then will they be allowed to connect to the network via the VPN.

Isn't cheap.  Its between $55 and $65 per user plus hardware to run the server
side software.

Good luck.

Craig




Frans Meijer <listjunky () fenke xs4all nl> on 09/27/2003 02:16:14 PM

To:   "Sutton, David" <David.Sutton () ps net>
cc:   security-basics () securityfocus com (bcc: Craig Brauckmiller/LEK)

Subject:  Re: Looking for some ideas on VPN and Dial Up Users and Virus protect
      ion.




On Fri, 26 Sep 2003, Sutton, David wrote:


Is there a server that you can put in that VPN and Dial up users would have
to access 1st, like a proxy, that would check their system and if something
was found would close out the connection right away?


A system (the vpn-client) that would allow such an invesigation would
not be very secure, would it?

---------------------------------------------------------------------------
----------------------------------------------------------------------------























---------------------------------------------------------------------------
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: