Firewall Wizards mailing list archives
RE: Personal Firewalls
From: Bill_Royds () pch gc ca
Date: Sun, 4 Mar 2001 16:55:48 -0500
There seems to be a big market for a remote access solution for telework that
includes an IPSEC compatible VPN client, personal firewall and anti-virus client,
all using a secure remote update and control facility. There are several
products in each of these areas but none that integrate them all. I am
evaluating them for a corporate recommendation at the moment and feel that
nothing actually makes the grade. What we want from a product is:
- IPSEC compliant VPN client, capable of handling cable modem/ADSL
  connections.
- Anti-virus client allowing remote signature update from corporate server
  over VPN push.
- Desktop firewall/IDS client with remote reporting to corporate server about
  services running on desktop and attacks to desktop.
- Ability to query desktop about status and prevent VPN connections unless
  virus is updated and firewall is running.
- Installable by user remotely with a customized setup already on CD. (We can
  burn CDs with our own setup options).
These are not hard since several products have each individually, but nothing
has them integrated.
Nigel Willson <NWillson () tbg com> on 03/02/2001 18:14:48
To: "'Tony Chryseliou'" <TonyC () bgls com>,
firewall-wizards () nfr com
cc: (bcc: Bill Royds/HullOttawa/PCH/CA)
Subject: RE: [fw-wiz] Personal Firewalls
This is a significant topic as enterprises extend their security
perimeters into employee homes and, for mobility, hotels. A
personal firewall configured and/or used improperly can invite
more issues than it prevents.
It most definitely needs to be complemented with a good and
regularly updated anti-virus solution because the greatest risk
comes from within, targeted trojans from our dynamic executable
society. A major risk is an employee owned desktop that serves
the role of both entertainment and business or a home network
that has *other* connections.
I'd recommend a mix of firewall (that ties into the enterprise
perimeter), anti-virus, and integrity checker (for those with
secure desktop standards) -- if standards and policy can be
applied to a home-based PC. Then an IPsec tunnel with stronger
authentication -- you'd be surprised what hotel networks capture!
Vendors are working on integration towards a convergence and
there should be some announcements in 2Q01.
These personal firewall technologies are very new, evolving, and
do not yet fully support enterprise use. The problem is that they
are easy to deploy but do not scale well to enterprise needs, so
deployment/investment should be limited/tactical initially to
those that warrant it.
A badly deployed solution will result in users disabling the
annoying hindrance or tampering with it, and poor configuration/
policy enforcement can exacerbate perception that security is
invasive on a locked down workstation.
20% Technology, 80% Process/Planning. There are a number of
requirements to consider in user grouping, firewall policy,
logging, use, management, together with an all important set of
processes to accommodate configuration, education, support,
maintenance, etc.
http://securityportal.com/articles/pf_main20001023.html has an
interesting review of the technology options.
Hope this helps,
Nige.
Senior Consultant, iSecurity Program
The Burton Group
http://www.tbg.com
-----Original Message-----
From: Tony Chryseliou [mailto:TonyC () bgls com]
Sent: Wednesday, February 28, 2001 6:28 AM
To: firewall-wizards () nfr com
Subject: [fw-wiz] Personal Firewalls
I'm currently in the development stage of a VPN project. Will be mostly
telecommuters. One of the requirements besides the software that will create
the VPN tunnel, is to have a mini-firewall that will be installed on the
client PC. My only requirement is that "rule sets" be packageable and easily
deployed after install.
Been working with an eval of Symantec Desktop Firewall and it does meet the
requirement, but quite frankly, the thing is flaky and doesn't behave
consistently.
Are there any other products in this category that I should be looking at?
TIA,
Tony Chryseliou
Director, IT
New World Holdings
732-544-0155 x165
P.S. Before anyone says Checkpoint, been there, done that. I refuse to give
them any more money because of their lousy support, overpriced, and product
introduction schedule.
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards
