[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] VPN based telecommuters, how to secure their end? (off-topic)
I helped setup our VPN at my last company and the two things we make sure every remote user has installed are a good virus software with automatic updates and personal firewall software. The only problem with using SOHO devices is you are only going to address people with high speed access lines and you will not cover your dial-up users who are on the road. In that case now you are going to be having 2 solutions to support and manage instead of one. The one thing to make sure is that split tunneling is disabled for your people with Cable and DSL connections. There are a couple of personal firewall vendors that are moving to the enterprise market and Taliskers site has the best list to them I know of out there. Here is the link so you can go check some of them out. http://www.networkintrusion.co.uk/firepers.htm Jeff Deitz Radware Inc.-----Original Message----- From: [email protected] [mailto:[email protected]]On Behalf Of Greg Winkler Sent: Mon, May 14, 2001 1:09 PM To: [email protected] Subject: [FW1] VPN based telecommuters, how to secure their end? (off-topic) I know this is the FW1 list but it seems a good place to ask this question. We are embarking on a telecommuting program and we hope to connect the telecommuters with Securemote VPN's. I've gotten SR working but am concerned about security on the telecommunting PC's. I'm not so concerned about the VPN itself being hacked as much as I am about a trojan or something being dropped on the remote PC. I believe personal firewalls may be a solution to this but has anyone run into one that is scaleable to the enterprise level (hundreds of users)? We'd need a solution that could be managed centrally as I don't expect that it would be prudent to allow the telecommuters to make decisions on which apps to allow thru or which ports to open up. We are looking at the Secure Client from checkpoint but it seems pretty weak (only enforced when the VPN is active). What about the SOHO routers that support VPN and have built in firewall ability (Sonicwall TELE2 for example)? On the surface the SOHO routers would appear to make my life easier as I wouldn't have any SR software to install and many support the PPPoE authentication that a lot of ISP are requiring now. I'm really just fishing for ideas. So if you've got any thoughts on the subject I'd be glad to listen to them. Thanks, ---------------------------------------------------------------------------- ------------ Greg Winkler Systems Manager, IT&S Huntsman Corporation Internet Mail: [email protected] Voice:Fax:============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|