RE: About MS-Networking security.

From: Kim, Cameron (CKim_at_mdea.com)
Date: 01/19/04

  • Next message: Glenn S.: "Re: About MS-Networking security." 
    Date: Mon, 19 Jan 2004 13:18:04 -0800
To: <focus-ms@securityfocus.com>

    Port based authentication (802.1x) would restrict where and when and how
    users can access your network. Granted you need to look at your security
    policies and your switching equipment to do this.
    Most major name switches support 802.1x to some degree.

    Cameron Kim
    Mitsubishi Digital Electronics America

    -----Original Message-----
    From: Kristi Roose [mailto:kroose@vermeermfg.com]
    Sent: Monday, January 19, 2004 8:04 AM
    To: focus-ms@securityfocus.com
    Subject: RE: About MS-Networking security.

    Does anyone have any solutions to keep a user from plugging into the LAN
    from inside the company? Is there a way to restrict DHCP addresses by
    MAC address?

    Kristi

    -----Original Message-----
    From: Depp, Dennis M. [mailto:deppdm@ornl.gov]
    Sent: Friday, January 16, 2004 7:20 PM
    To: Wronski, Michael C (MED); Cyber Chiu`; focus-ms@securityfocus.com
    Subject: RE: About MS-Networking security.

    Microsoft has a solution where remote users are scanned and verified
    clean before they are allowed to create a remote session, either using
    VPN or dialup. Their solution is based on Windows Server 2003. I think
    Cisco may have a similar solution, at least they should. There may be
    others as well.

    Denny

    -----Original Message-----
    From: Wronski, Michael C (MED) [mailto:Michael.Wronski@med.ge.com]
    Sent: Thursday, January 15, 2004 5:22 PM
    To: 'Cyber Chiu`'; focus-ms@securityfocus.com
    Subject: RE: About MS-Networking security.

    This is a common problem with no single solution. No matter what you do,
    the mobile user is going to be a high risk entity. Education of the
    user of their ability to cause harm to their own data and the company
    network is a great start. They need to be aware that their actions can
    cause catastrophic results. After education, the following are the most
    important:

    -Install Personal Firewall and AV on all laptops and make sure you
    educate the users on the function of the software.
            -Lock down the configuration so it cant be disabled by the user
            -Enable aggressive live updates (daily) and scans (daily)

    -Patching Automation - Before your user leaves the network, their
    laptops should be patched with the more recent OS updates.

    -Its best of your laptop users can connect to a "sandbox" network on
    return to the office or if you can separate all physical connection that
    belong to mobile users on a sandbox VLAN. This can be difficult to
    manage depending on your current network design.

    -M

    -----Original Message-----
    From: Cyber Chiu` [mailto:cchiu@hotspur.com.hk]
    Sent: Sunday, January 11, 2004 3:26 PM
    To: focus-ms@securityfocus.com
    Subject: About MS-Networking security.

    Hi all, I have a question about portable computer security concern. My
    company have firewall protection, all desktop are behind firewall.
    However, My saleman need to do their business with a Laptop. When
    they're in office. They will connect their laptop to our internet.

    I think it's danger because we don't know it's infected by virus or not.
    can anyone suggest me what to do?

    ------------------------------------------------------------------------ 

    ---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
---------------------------------------------------------------------------
---------------------------------------------------------------------------
  • Next message: Glenn S.: "Re: About MS-Networking security."

    Relevant Pages

    • RE: About MS-Networking security.
      ... computer with an unused IP and getting on the network. ... A firewall and/or middle man like Internet Security and Acceleration ... Subject: About MS-Networking security. ... My saleman need to do their business with a Laptop. ...
      (Focus-Microsoft)
    • Re: Rebuilding Simple Home Network - Finding Highest Security Level Avail on Ea Comp
      ... network must be configured to use the same security ... you can't set your Linksys ... use WPA and your laptop to use WEP or WPA2 for instance. ... bar in My Network Places so the file appears under Entire Network. ...
      (microsoft.public.windowsxp.general)
    • Re: Rebuilding Simple Home Network - Finding Highest Security Level Avail on Ea Comp
      ... The other makeshift way to tell is through the Wireless Net ... Select any existing Wireless Network, ... Authentication field will have a table of support Security Protocols. ... use WPA and your laptop to use WEP or WPA2 for instance. ...
      (microsoft.public.windowsxp.general)
    • RE: About MS-Networking security.
      ... has multiple subnets bound to it's NICs. ... ##Subject: RE: About MS-Networking security. ... ##to their own data and the company network is a great start. ... ##business with a Laptop. ...
      (Focus-Microsoft)
    • RE: Preventing update pushes from network?
      ... Any laptop is a potential threat to the health and security of the managed ... Discuss your concerns and objectives with a network administrator for the ... Windows XP Security Homepage: ...
      (microsoft.public.windowsxp.security_admin)