nanog mailing list archives
Re: Cisco ScanSafe, aka Cisco Cloud Web Security
From: "Justin M. Streiner" <streiner () cluebyfour org>
Date: Wed, 4 Dec 2013 10:33:31 -0500 (EST)
First of all, why are you allowing or disallowing split tunnel networks ? There is always the risk that he/she may get infected with some malware that your antivirus does not recognize and it spreads through the internet network when the user VPNs to the corporate network.
From what I've seen, many government agencies - particularly those
that work with sensitive data - take a very risk-averse position when dealing with remote access - if it is allowed at all.Such networks also tend to be fairly compartmentalized out of necessity. Still the possibility of a breach that originated from a user that was VPN'd in and happened to open "not-infected-srsly.zip" gives IT admins in such environments more than a bit of heartburn.
jms
Current thread:
- Cisco ScanSafe, aka Cisco Cloud Web Security Herro91 (Dec 04)
- Re: Cisco ScanSafe, aka Cisco Cloud Web Security Eugeniu Patrascu (Dec 04)
- Re: Cisco ScanSafe, aka Cisco Cloud Web Security Justin M. Streiner (Dec 04)
- Re: Cisco ScanSafe, aka Cisco Cloud Web Security Scott Voll (Dec 05)
- Re: [c-nsp] Cisco ScanSafe, aka Cisco Cloud Web Security Eugeniu Patrascu (Dec 05)
- Re: [c-nsp] Cisco ScanSafe, aka Cisco Cloud Web Security Pui Edylie (Dec 06)
- Re: [c-nsp] Cisco ScanSafe, aka Cisco Cloud Web Security Eugeniu Patrascu (Dec 06)
- Re: [c-nsp] Cisco ScanSafe, aka Cisco Cloud Web Security Eugeniu Patrascu (Dec 05)
- Re: Cisco ScanSafe, aka Cisco Cloud Web Security Eugeniu Patrascu (Dec 04)