Re: About MS-Networking security.

From: Glenn S. (glenn_at_secureinformation.net)
Date: 01/20/04

  • Next message: andreas: "RE: Encrypt data - SQL Server 2000" 
    To: "Depp, Dennis M." <deppdm@ornl.gov>, "Wronski, Michael C (MED)" <Michael.Wronski@med.ge.com>, "Cyber Chiu`" <cchiu@hotspur.com.hk>, <focus-ms@securityfocus.com>
Date: Mon, 19 Jan 2004 20:15:51 -0500

    The quarantine service that is implemented by MS on Windows Server 2003 only
    works for a RAS connection at this time. Once SP1 for Server 2003 comes out
    later this year you will be able to run the Quarantine server locally. You
    can get more information on Technet at www.microsoft.com/technet

    Glenn
    Solutions Specialist
    Microsoft Public Sector

    ----- Original Message -----
    From: "Depp, Dennis M." <deppdm@ornl.gov>
    To: "Wronski, Michael C (MED)" <Michael.Wronski@med.ge.com>; "Cyber Chiu`"
    <cchiu@hotspur.com.hk>; <focus-ms@securityfocus.com>
    Sent: Friday, January 16, 2004 8:20 PM
    Subject: RE: About MS-Networking security.

    Microsoft has a solution where remote users are scanned and verified
    clean before they are allowed to create a remote session, either using
    VPN or dialup. Their solution is based on Windows Server 2003. I think
    Cisco may have a similar solution, at least they should. There may be
    others as well.

    Denny

    -----Original Message-----
    From: Wronski, Michael C (MED) [mailto:Michael.Wronski@med.ge.com]
    Sent: Thursday, January 15, 2004 5:22 PM
    To: 'Cyber Chiu`'; focus-ms@securityfocus.com
    Subject: RE: About MS-Networking security.

    This is a common problem with no single solution. No matter what you do,
    the
    mobile user is going to be a high risk entity. Education of the user of
    their ability to cause harm to their own data and the company network is
    a
    great start. They need to be aware that their actions can cause
    catastrophic
    results.
    After education, the following are the most important:

    -Install Personal Firewall and AV on all laptops and make sure you
    educate
    the users on the function of the software.
    -Lock down the configuration so it cant be disabled by the user
    -Enable aggressive live updates (daily) and scans (daily)

    -Patching Automation - Before your user leaves the network, their
    laptops
    should be patched with the more recent OS updates.

    -Its best of your laptop users can connect to a "sandbox" network on
    return
    to the office or if you can separate all physical connection that belong
    to
    mobile users on a sandbox VLAN. This can be difficult to manage
    depending on
    your current network design.

    -M

    -----Original Message-----
    From: Cyber Chiu` [mailto:cchiu@hotspur.com.hk]
    Sent: Sunday, January 11, 2004 3:26 PM
    To: focus-ms@securityfocus.com
    Subject: About MS-Networking security.

    Hi all, I have a question about portable computer security concern.
    My company have firewall protection, all desktop are behind firewall.
    However, My saleman need to do their business with a Laptop. When
    they're in
    office. They will connect their laptop to our internet.

    I think it's danger because we don't know it's infected by virus or not.
    can anyone suggest me what to do?

    ------------------------------------------------------------------------ 

    ---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
---------------------------------------------------------------------------
---------------------------------------------------------------------------
---------------------------------------------------------------------------
---------------------------------------------------------------------------
  • Next message: andreas: "RE: Encrypt data - SQL Server 2000"

    Relevant Pages

    • RE: Unexpected error
      ... I presume you have Windows server 2003 and IIS installed on the Laptop? ... > But when I disconect it from the network it shows: ...
      (microsoft.public.sharepoint.portalserver)
    • Re: server 2003 crashes
      ... > I jsut installed windows server 2003 enterprise edition. ... > configuring it and got one laptop to connect to the network ... The Server Stops Responding and an Access Violation Occurs in Lsass.exe When ...
      (microsoft.public.windows.server.general)
    • RE: Can I install 2000 server on a laptop?
      ... Now I have Windows Server 2003 on my laptop. ... It is not suggested an actual network. ... I use it as a test machine to run betas and study for my certs. ...
      (microsoft.public.win2000.advanced_server)
    • Re: Fully parallel Scheme-based language w/ evaluator
      ... Windows Server 2003 and networks in simple - and irreverent - terms. ... If networking really is a big deal, ... Concepts and Terminology in Part I, and The Design and Deployment of Network ...
      (comp.lang.misc)
    • Re: Remote Desktop Disconnects
      ... I have a Windows Server 2003 R2 and not a SBS. ... I understand that the RDP from remote to SBS ... Contact the network adapter manufacturer or contact the original equipment ... Modify the registry to disable Receive Side Scaling ...
      (microsoft.public.windows.server.sbs)