RE: About MS-Networking security.
From: Sarbjit Singh Gill (ssgill_at_gilltechnologies.com)
Date: 01/20/04
- Previous message: andreas: "RE: Encrypt data - SQL Server 2000"
- In reply to: Depp, Dennis M.: "RE: About MS-Networking security."
- Next in thread: Bohling James CONT JBC: "RE: About MS-Networking security."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'Depp, Dennis M.'" <deppdm@ornl.gov>, "'Wronski, Michael C (MED)'" <Michael.Wronski@med.ge.com>, "'Cyber Chiu`'" <cchiu@hotspur.com.hk>, <focus-ms@securityfocus.com> Date: Tue, 20 Jan 2004 09:21:51 +0800
Greetings,
It is called the network quarantine and you need the W2K2 resource kit for
it.
Here is a white paper on it.
http://www.microsoft.com/windowserver2003/techinfo/overview/quarantine.mspx
Gill
-----Original Message-----
From: Depp, Dennis M. [mailto:deppdm@ornl.gov]
Sent: Saturday, January 17, 2004 9:20 AM
To: Wronski, Michael C (MED); Cyber Chiu`; focus-ms@securityfocus.com
Subject: RE: About MS-Networking security.
Microsoft has a solution where remote users are scanned and verified clean
before they are allowed to create a remote session, either using VPN or
dialup. Their solution is based on Windows Server 2003. I think Cisco may
have a similar solution, at least they should. There may be others as well.
Denny
-----Original Message-----
From: Wronski, Michael C (MED) [mailto:Michael.Wronski@med.ge.com]
Sent: Thursday, January 15, 2004 5:22 PM
To: 'Cyber Chiu`'; focus-ms@securityfocus.com
Subject: RE: About MS-Networking security.
This is a common problem with no single solution. No matter what you do, the
mobile user is going to be a high risk entity. Education of the user of
their ability to cause harm to their own data and the company network is a
great start. They need to be aware that their actions can cause catastrophic
results.
After education, the following are the most important:
-Install Personal Firewall and AV on all laptops and make sure you educate
the users on the function of the software.
-Lock down the configuration so it cant be disabled by the user
-Enable aggressive live updates (daily) and scans (daily)
-Patching Automation - Before your user leaves the network, their laptops
should be patched with the more recent OS updates.
-Its best of your laptop users can connect to a "sandbox" network on return
to the office or if you can separate all physical connection that belong to
mobile users on a sandbox VLAN. This can be difficult to manage depending on
your current network design.
-M
-----Original Message-----
From: Cyber Chiu` [mailto:cchiu@hotspur.com.hk]
Sent: Sunday, January 11, 2004 3:26 PM
To: focus-ms@securityfocus.com
Subject: About MS-Networking security.
Hi all, I have a question about portable computer security concern.
My company have firewall protection, all desktop are behind firewall.
However, My saleman need to do their business with a Laptop. When they're in
office. They will connect their laptop to our internet.
I think it's danger because we don't know it's infected by virus or not.
can anyone suggest me what to do?
------------------------------------------------------------------------
--- ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- --------------------------------------------------------------------------- --------------------------------------------------------------------------- ---------------------------------------------------------------------------
- Previous message: andreas: "RE: Encrypt data - SQL Server 2000"
- In reply to: Depp, Dennis M.: "RE: About MS-Networking security."
- Next in thread: Bohling James CONT JBC: "RE: About MS-Networking security."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
