Mandating firewall use for remote VPN users
Q:
Is there a way I can make sure all remote VPN users have the proper firewalls and anti-virus software installed? If they are using a home PC, what controls do I have besides telling them they need to?
ASKED: Nov 21 2007  4:29 AM GMT
A:
You need a remote access policy. The only way to truly enforce it is to provide hardware firewalls, host-based intrusion detection systems, firewalls and anti-virus software as well as the servers to configure them accordingly. Then, and only then, enable users for remote access to the corporate network. An alternative would be to make software available for download and installation (pre-configured) and use a state checking/quarantine system to allow or disallow computers from establishing remote access sessions based on policies. This is more expensive and complex but reduces expense and administrative overhead in the long run.
Last Answered: Nov 21 2007  4:51 AM GMT by Wrobinson   5610 pts.
Discuss This Answer:

HCream   1235 pts.  |   Nov 22 2007  6:57AM GMT

One of the least expensive options is the VPN implementation that comes with Microsoft’s ISA Server 2006.
The ISA Server provides a VPN quarantine feature that utilizes the Network Access Quarantine Control feature of Windows Server 2003 to quarantine a remote access computer until its configuration has been validated by a server-side script. This adds another layer of protection by providing a means to check such things as antivirus definition status and local firewall policy on the remote computer before you allow it access to your internal network resources.
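
The allow-or-quarantine decision that the answer and the comment above describe, sketched as an added example (not part of the original thread and not ISA Server's own script). The report field names, the profile names and the 7-day definition threshold are assumptions made for illustration.

```python
from datetime import date

# Hypothetical policy values (assumptions for this example).
MAX_DEFINITION_AGE_DAYS = 7
REQUIRED_FIREWALL_PROFILES = ("domain", "private", "public")

# Constructed sample posture reports, as a client-side agent might submit them.
TODAY = date(2007, 11, 22)
HEALTHY = {"firewall": {"domain": True, "private": True, "public": True},
           "antivirus": {"product": "ExampleAV", "realtime_enabled": True,
                         "definitions_date": "2007-11-20"}}
STALE = {"firewall": {"domain": True, "private": True, "public": False},
         "antivirus": {"product": "ExampleAV", "realtime_enabled": True,
                       "definitions_date": "2007-11-01"}}


def evaluate_posture(report, today):
    """Return (decision, reasons); decision is 'allow' or 'quarantine'.

    Fails closed: a missing or malformed field counts as a failed check,
    so a client that omits data stays in quarantine.
    """
    reasons = []
    firewall = report.get("firewall")
    if not isinstance(firewall, dict):
        reasons.append("firewall state not reported")
    else:
        for profile in REQUIRED_FIREWALL_PROFILES:
            if firewall.get(profile) is not True:
                reasons.append(f"firewall disabled or unknown on {profile} profile")

    av = report.get("antivirus")
    if not isinstance(av, dict) or not av.get("product"):
        reasons.append("no antivirus product reported")
    else:
        if av.get("realtime_enabled") is not True:
            reasons.append("antivirus real-time protection is off")
        try:
            updated = date.fromisoformat(av.get("definitions_date", ""))
        except (TypeError, ValueError):
            reasons.append("antivirus definition date missing or invalid")
        else:
            age = (today - updated).days
            if age < 0:
                reasons.append("antivirus definition date is in the future")
            elif age > MAX_DEFINITION_AGE_DAYS:
                reasons.append(f"antivirus definitions are {age} days old")

    return ("quarantine" if reasons else "allow"), reasons
```

The report is produced on the client, so a check like this enforces hygiene on cooperative machines; a compromised endpoint can misreport its state, which is why quarantine is paired with restricted network access rather than treated as proof of a clean host.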

 