Educause Security Discussion mailing list archives
Re: Whole Disk Encryption Tools
From: Curt Wilson <curtw () SIU EDU>
Date: Mon, 13 Nov 2006 13:38:55 -0600
Steve Brukbacher wrote: <snip>
One downside to Pointsec is that the key exchange between the server andthe clients happens over windows ports. Since we block these at the edge, this will probably be a no go. So it's pretty much between guardian Edge and Voltage (Safeboot).
<snip> Steve- Can you please enumerate the "windows ports" mentioned above? Hopefully it's not the SMB/CIFS/RPC 135-139,445 set. There was another product a few years ago, an enterprise AV, that was only able to be managed through NetBIOS/SMB. We cringed, and didn't buy and they have since changed their approach. As you likely know, requiring SMB/NetBIOS over a perimeter firewall and into the enterprise from any untrusted endpoint is dangerous...the next MS remote 0day to come along will walk right on in (might be more resistant to attack with Windows 2003 server, with it's SafeSEH, /GS compiled OS, and DEP, but I still wouldn't trust it). -- Curt Wilson IT Network Security Officer Southern Illinois University Carbondale 618-453-6237 GnuPG key: http://www.infotech.siu.edu/security/curtw.pub.asc
Current thread:
- Re: Whole Disk Encryption Tools, (continued)
- Re: Whole Disk Encryption Tools Steve Brukbacher (Nov 09)
- Re: Whole Disk Encryption Tools Logan, Kimberly (loganks) (Nov 09)
- Re: Whole Disk Encryption Tools jack suess (Nov 09)
- Re: Whole Disk Encryption Tools Chris Green (Nov 09)
- Re: Whole Disk Encryption Tools Krizi Trivisani (Nov 09)
- Re: Whole Disk Encryption Tools Brad Judy (Nov 09)
- Re: Whole Disk Encryption Tools Jack Suess (Nov 09)
- Re: Whole Disk Encryption Tools Bob Ono (Nov 10)
- Re: Whole Disk Encryption Tools Clifford Collins (Nov 10)
- Re: Whole Disk Encryption Tools George Farah (Nov 10)
- Re: Whole Disk Encryption Tools Curt Wilson (Nov 13)