[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] VPN based telecommuters
One way to do this would be system policies..... (currently NT / win 2k supports fully and Win9x has a version which supports most features)..... you can tie down your desktop and also control the applications he installs. If you are using WinNt / win2k another way would be to not give the user admin access to the local machine.... however this is a bit too restrictive and users would complain. -----Original Message----- From: Misha [mailto:[email protected]] Sent: Wednesday, May 16, 2001 11:57 PM To: Ghosh, Debashis (CORP, CIM) Cc: [email protected] Subject: RE: [FW1] VPN based telecommuters How do you ensure that your remote VPN users do not disable or deinstall BlackICE Defebnder? X-Apparently-To: [email protected] via web14008.mail.yahoo.com; 16 May 2001 05:55:16 -0700 (PDT) X-Track: 72: 40 From: "Ghosh, Debashis (CORP, CIM)" <[email protected]> To: Greg Winkler <[email protected]>, [email protected] Subject: RE: [FW1] VPN based telecommuters, how to secure their end? (off- topic) Date: Tue, 15 May 2001 16:44:46 +0800 Importance: high X-Mailer: Internet Mail Service (5.5.2653.19) Sender: [email protected] We have used BlackICe defender successfully with Nortel Contivity VPN ... works well ....we have >50,000 users globally. Debashis -----Original Message----- From: Greg Winkler [mailto:[email protected]] Sent: Tuesday, May 15, 2001 4:09 AM To: [email protected] Subject: [FW1] VPN based telecommuters, how to secure their end? (off-topic) I know this is the FW1 list but it seems a good place to ask this question. We are embarking on a telecommuting program and we hope to connect the telecommuters with Securemote VPN's. I've gotten SR working but am concerned about security on the telecommunting PC's. I'm not so concerned about the VPN itself being hacked as much as I am about a trojan or something being dropped on the remote PC. I believe personal firewalls may be a solution to this but has anyone run into one that is scaleable to the enterprise level (hundreds of users)? We'd need a solution that could be managed centrally as I don't expect that it would be prudent to allow the telecommuters to make decisions on which apps to allow thru or which ports to open up. We are looking at the Secure Client from checkpoint but it seems pretty weak (only enforced when the VPN is active). What about the SOHO routers that support VPN and have built in firewall ability (Sonicwall TELE2 for example)? On the surface the SOHO routers would appear to make my life easier as I wouldn't have any SR software to install and many support the PPPoE authentication that a lot of ISP are requiring now. I'm really just fishing for ideas. So if you've got any thoughts on the subject I'd be glad to listen to them. Thanks, ---------------------------------------------------------------------------- ------------ Greg Winkler Systems Manager, IT&S Huntsman Corporation Internet Mail: [email protected] Voice:Fax:__________________________________________________ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|