Posted by Miha Pihler [MVP] on January 5, 2006, 4:57 am
Hi John,
There are some solutions out there and one of them is VPN Quarantine that
can be achieved with Microsoft ISA Server 2004 (or RRAS Server on Windows
Server 2003).
In this case, once the computer is connected to the VPN, it is put into a
quarantine network and does not have access to the LAN yet. It is first
checked for what you want, e.g. does it have antivirus installed and is the
antivirus running? Is the antivirus up to date? Does the computer have all
critical patches installed, etc.
VPN Roaming Clients and Quarantine Control in ISA Server 2004 Enterprise Edition
http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/vpn_roaming_clients_quarantine_control_ee.mspx
Implementing Quarantine Services with Microsoft Virtual Private Network Planning Guide
http://www.microsoft.com/technet/security/prodtech/windowsserver2003/quarantineservices/default.mspx
Network Access Quarantine Control in Windows Server 2003
http://www.microsoft.com/windowsserver2003/techinfo/overview/quarantine.mspx
--
Mike
Microsoft MVP - Windows Security
> If an employee working from their home pc connects to a network using
> PPTP/VPN and their pc has a virus, that virus can then attempt to spread
> onto the attached network. The network has enterprise level virus
> scanning on all machines. What technologies exist that can help mitigate
> this risk? Is there any way to help ensure that a connecting machine is
> virus free and fully patched?
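The quarantine decision described in the post above, as an added example (not part of the original post and not ISA Server or RRAS code): a client stays in the quarantine network unless every listed check passes, and a check that cannot be verified counts as failed. The report format, field names, sample reports and the 7-day signature threshold are assumptions made for illustration.

```python
from datetime import date, timedelta

MAX_SIGNATURE_AGE = timedelta(days=7)  # assumed policy value, not from the post


def evaluate_posture(report, today):
    """Return (network, failures). Any failed or unverifiable check keeps
    the client in quarantine (fail closed)."""
    failures = []
    av = report.get("antivirus")
    if not isinstance(av, dict) or av.get("installed") is not True:
        failures.append("antivirus not installed")
    else:
        if av.get("running") is not True:
            failures.append("antivirus not running")
        try:
            age = today - date.fromisoformat(av.get("signature_date"))
        except (TypeError, ValueError):
            failures.append("antivirus signature date missing or malformed")
        else:
            # A future date is rejected too: it cannot be trusted as "fresh".
            if age < timedelta(0) or age > MAX_SIGNATURE_AGE:
                failures.append("antivirus signatures out of date")
    missing = report.get("missing_critical_patches")
    if not isinstance(missing, list):
        failures.append("patch status not reported")
    elif missing:
        failures.append("missing critical patches: " + ", ".join(map(str, missing)))
    return ("quarantine" if failures else "lan"), failures


# Constructed sample reports (hypothetical format), evaluated on a fixed date.
TODAY = date(2006, 1, 5)
SAMPLE_REPORTS = {
    "healthy": {
        "antivirus": {"installed": True, "running": True,
                      "signature_date": "2006-01-03"},
        "missing_critical_patches": [],
    },
    "stale": {
        "antivirus": {"installed": True, "running": True,
                      "signature_date": "2005-11-20"},
        "missing_critical_patches": ["PATCH-PLACEHOLDER-1"],
    },
    "silent": {},  # client reported nothing: stays quarantined
}

if __name__ == "__main__":
    for name, report in SAMPLE_REPORTS.items():
        print(name, evaluate_posture(report, TODAY))
```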