RE: About MS-Networking security.
From: Kristi Roose (kroose_at_vermeermfg.com)
Date: 01/19/04
- Previous message: Harlan Carvey: "RE: About MS-Networking security."
- In reply to: Depp, Dennis M.: "RE: About MS-Networking security."
- Next in thread: Glenn S.: "Re: About MS-Networking security."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <focus-ms@securityfocus.com> Date: Mon, 19 Jan 2004 10:04:21 -0600
Does anyone have any solutions to keep a user from plugging into the LAN
from inside the company? Is there a way to restrict DHCP addresses by
MAC address?
Kristi
-----Original Message-----
From: Depp, Dennis M. [mailto:deppdm@ornl.gov]
Sent: Friday, January 16, 2004 7:20 PM
To: Wronski, Michael C (MED); Cyber Chiu`; focus-ms@securityfocus.com
Subject: RE: About MS-Networking security.
Microsoft has a solution where remote users are scanned and verified
clean before they are allowed to create a remote session, either using
VPN or dialup. Their solution is based on Windows Server 2003. I think
Cisco may have a similar solution, at least they should. There may be
others as well.
Denny
-----Original Message-----
From: Wronski, Michael C (MED) [mailto:Michael.Wronski@med.ge.com]
Sent: Thursday, January 15, 2004 5:22 PM
To: 'Cyber Chiu`'; focus-ms@securityfocus.com
Subject: RE: About MS-Networking security.
This is a common problem with no single solution. No matter what you do,
the mobile user is going to be a high risk entity. Education of the
user of their ability to cause harm to their own data and the company
network is a great start. They need to be aware that their actions can
cause catastrophic results. After education, the following are the most
important:
-Install Personal Firewall and AV on all laptops and make sure you
educate the users on the function of the software.
-Lock down the configuration so it cant be disabled by the user
-Enable aggressive live updates (daily) and scans (daily)
-Patching Automation - Before your user leaves the network, their
laptops should be patched with the more recent OS updates.
-Its best of your laptop users can connect to a "sandbox" network on
return to the office or if you can separate all physical connection that
belong to mobile users on a sandbox VLAN. This can be difficult to
manage depending on your current network design.
-M
-----Original Message-----
From: Cyber Chiu` [mailto:cchiu@hotspur.com.hk]
Sent: Sunday, January 11, 2004 3:26 PM
To: focus-ms@securityfocus.com
Subject: About MS-Networking security.
Hi all, I have a question about portable computer security concern. My
company have firewall protection, all desktop are behind firewall.
However, My saleman need to do their business with a Laptop. When
they're in office. They will connect their laptop to our internet.
I think it's danger because we don't know it's infected by virus or not.
can anyone suggest me what to do?
------------------------------------------------------------------------
--- ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- ---------------------------------------------------------------------------
- Previous message: Harlan Carvey: "RE: About MS-Networking security."
- In reply to: Depp, Dennis M.: "RE: About MS-Networking security."
- Next in thread: Glenn S.: "Re: About MS-Networking security."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
