Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Worms, Air Gaps and Responsibility

From: Bret Watson <lists () ticm com>
Date: Mon, 10 May 2004 20:41:43 +0800
Its a standard part of BlackIce - checks for the necessary programs, signatures files etc and allows or denies based on this. 

Bret


At 02:39 AM 9/05/2004 -0300, Vinicius Moreira Mello wrote:

Paul Van Noord wrote:

5/7/04  6:12 AM
Hi Jim,
Is it not possible to run a script when a notebook connects to the LAN
to check for the necessary security elements. If they are not there,
either deny use of the LAN or lock the machine and add them before the
user is allowed to use the LAN?


Paul,
It would be hard to make a reliable vulnerability scanning or threat assessment and integrate it with the core network equipments. An interesting approach that many universities and medium sized business have being taking is to isolate mobile users in a network (or VLAN) regardless of their security state. As most of the mobile user's needs are to read/send e-mail and use the web, they are restricted, with packet filters, to do just these activities. This minimizes the threat and is a good solution for many companies and univerisities. Implementing it is time costly, but a cost that is worth paying in many environments. 

Regards,
vmm.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: