RE: Roaming Firewall Solution Information

From: G.Crow (secure.computing_at_gmail.com)
Date: 12/11/04

    To: <security-basics@lists.securityfocus.com>
    Date: Fri, 10 Dec 2004 20:35:31 -0500
    
    

    The VPN client is set up like that when they use it - I'm more concerned
    with their use of the computer when not using VPN.

    SP2, sadly, breaks something on our laptop images, and I haven't had the
    time to fix it yet. I'm going to be taking care of that in my next batch,
    actually, but I haven't worked with the built-in firewall too much, since I
    operate my desktops in a trusted environment.

    It would be quite easy to push and maintain something like that out once
    they are at SP2, though. Unfortunately, this doesn't take care of my Win2k
    laptops, of which there are a few. Any ideas?

    Gabe

    > -----Original Message-----
    > From: Max Pettersson [mailto:macks53@msn.com]
    > Sent: December 10, 2004 3:42 PM
    > To: secure.computing@gmail.com
    > Subject: RE: Roaming Firewall Solution Information
    >
    > Hello!
    >
    > Is it possible to configure the clients to avoid using split-tunnels,
    > connecting the computer to both the internet directly and your vpn-tunnel?
    > By limiting only internet access through the vpn tunnel you should be able
    > to control traffic through your main vpn-concentrator and firewall. Then
    > simply use the very good built-in firewall that ships with SP2. That's the
    > simplest solution in my opinion.
    >
    > //Max
    >
    > >From: "G.Crow" <secure.computing@gmail.com>
    > >Reply-To: "G.Crow" <secure.computing@gmail.com>
    > >To: security-basics@lists.securityfocus.com
    > >Subject: Roaming Firewall Solution Information
    > >Date: Thu, 9 Dec 2004 20:16:12 -0500
    > >
    > >Greetings,
    > >
    > >
    > >I'm seeking a firewall solution that I can deploy on my mobile users'
    > >laptops. I've done some research into this, but in my position I've
    > >been extremely pressed for time lately, and don't know if I can get
    > >the research done in the near future, especially since quotes for the
    > >products I'm familiar with are hard to come by for business users.
    > >Any experiences, help, or recommendations into this are more than
    > >welcome.
    > >
    > >
    > >Basically I'm tired of worrying if my users are going to bring home
    > >the next big thing. I know what I'd pick for myself, but I'm not so
    > >sure what is so good for end users - I'm looking for something I can
    > >set up a base template of rules for and leave running without forcing
    > >my users to make 'hard' choices in the field - and therefore call me.
    > >I'm not currently looking at one of the centrally managed firewall
    > >solutions, primarily for cost reasons - I'm doing this outside of the
    > >central IT budget for a subset of users specific to my facility. I
    > >haven't seen any particular studies on this issue, and testing all the
    > >various products out there isn't in my immediate time scope.
    > >
    > >
    > >My criteria/situation is as follows:
    > >
    > >
    > >-Environment: Mixed Win2k SP4/WinXP SP1 laptops. Varied hardware.
    > >~20-30 or so.
    > >-Budget: $50 a head or so, lower preferable, but variance is allowed.
    > >-Desired features: Importable rulesets, local logging, user-friendly
    > >(as they *will* end up making it ask about some traffic)
    > >-Compatibility: Cisco VPN Client, Novell, Internal web apps, i.e.
    > >nothing too extreme except for possibly the Cisco client
    > >-Timeframe: Trying to get this purchased before 2005
    > >
    > >I've looked into ZoneAlarm and Checkpoint Integrity, but Zone Labs is
    > >elusive in which product they will license to business customers, and
    > >at what price, so I'm unsure even of what product to test. Checkpoint
    > >seems a little pricey for the simplified solution I'm going for -
    > >however unlike ZoneAlarm and Tiny, I haven't played with it to be
    > >sure. My experience with Tiny has been anything but user-friendly, a
    > >key concern. I also haven't used recent versions, so I don't know if
    > >it's improved. Kerio I haven't used, and I'm unsure of other
    > >client-based unmanaged firewalls to check out.
    > >
    > >
    > >Thank you for any help you can provide,
    > >
    > >Gabe
    > >secure dot computing at gmail d0t com

