[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Keeping SecureClient PC's Safe.
Yes, current anti virus software is a must. Difficult if not impossible to insure that the home user keeps it current though. As far as software firewall solutions go, I have a hard time feeling as comfortable with them as I would with a hardware solution. Although, I must admit I have no evidence that they do not perform as well, or better perhaps, than a hardware device. Just a gut feeling that hardware is always better than software. What are the groups thoughts on the SecureClient/SecureRemote Desktop Policies that attempt to restrict traffic while connected via VPN. It seems to me that this is a somewhat limited protection but probably valuable none the less. Thoughts? Thanks all, Christian -----Original Message----- From: Padberg, Marlen [mailto:[email protected]] Sent: Tuesday, August 21, 2001 10:39 AM To: 'Hanke, Christian (DC)' Subject: RE: [FW1] Keeping SecureClient PC's Safe. We are contemplating this same issue with one of our clients... It seems step 1 will be establishing a corporate policy enforcing users to have CURRENT anti-virus software (quite possibly the company providing its staff with a licence for home use) and probably personal firewall software and unless they have this, they won't be provided with VPN software. It is a valid concern as Microsoft was compromised using this technique (although it took a hacker a month to do it). A NAT home gateway device would help in the compromise department (although a personal firewall seems to provide good security in this respect). Probably would cost less using a software solution (personal firewall software like Zone Alarm and Black Ice Defender are free), however the hardware solution does provide a very solid solution. Just my views. Marlen Padberg. -----Original Message----- From: Hanke, Christian (DC) [mailto:[email protected]] Sent: Monday, August 20, 2001 3:17 PM To: [email protected] Subject: [FW1] Keeping SecureClient PC's Safe. I am interested in what, if any, precautions others are taking to insure that the PC's using SecureClient to connect to their networks via VPN are not themselves compromised. My concern is that someone at home will be virus laden, compromised by a trojan, or who knows what else and then in turn compromise our network security by tunneling in to our cooperate network. Is this a valid concern? I am playing with the idea of requiring either a NAT box or one of the new Home Internet Gateways which include firewall functionality for users who wish to take advantage of the high speed VPN connection to our network. Of course, there would be no way to make sure their settings and configurations were optimal. What's everyone else doing about this? Your feedback would be greatly appreciated. Thanks all, Christian ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|