RE: How can I deny VPN access based on Virus DAT



My understanding of the best way to go about this would be to allow the VPN
connection but not allow access to network resources until the user clears a
network quarantine (AV defs, patches, etc). As far as implementation or
actual devices go, I'm only familiar with some of the Symantec h/ware
appliances for this.

Corey Watts-Jones
Systems Support Specialist
BIT Incorporated

-----Original Message-----
From: Ansgar -59cobalt- Wiechers [mailto:bugtraq@xxxxxxxxxxxxxxxx]
Sent: Thursday, January 05, 2006 1:32 PM
To: security-basics@xxxxxxxxxxxxxxxxx
Subject: Re: How can I deny VPN access based on Virus DAT

On 2006-01-03 Nick Duda wrote:
> Can anyone explain the different products and/or procedures in using a
> VPN device for telecommuters with the ability to deny VPN access if
> they dona?Tt have Antivirus or their Antivirus DAT's are not up to
> date.

How are you going to verify that without already establishing the VPN?
Do you want to rely on the client telling you "yep, ev'rything's just
fine"? Why would $MALWARE refrain from forging that claim?

Regards
Ansgar Wiechers
--
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,

Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------------




---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------------



Relevant Pages

  • Re: Openvpn and ssh
    ... You can also look at the SSL-Explorer (Open Source SSL VPN) if you ... > education and the case study affords you unmatched consulting experience. ... > Computer Emergency Response Teams, ...
    (Security-Basics)
  • RE: PC Anywhere and security
    ... How do you share VPN with vendors when certs/keys are involved? ... Norwich University program offers unparalleled Infosec management ... education and the case study affords you unmatched consulting ... Planning, Computer Emergency Response Teams, and Digital Investigations. ...
    (Security-Basics)
  • Re: Deploying SSL-based VPNs
    ... Most hardware VPN gateways use IPSec ... Infosec management ... Tailor your education to your own professional goals ... Computer Emergency Response Teams, and Digital Investigations. ...
    (Security-Basics)
  • Re: How can I deny VPN access based on Virus DAT
    ... For Cisco NAC, you establish the VPN, but if you don't have everything ... > The Norwich University program offers unparalleled Infosec management ... > education and the case study affords you unmatched consulting experience. ... > Computer Emergency Response Teams, ...
    (Security-Basics)
  • Re: PC Anywhere and security
    ... remote access software over the VPN, you can use VPN policies or IPSec ... education and the case study affords you unmatched consulting experience. ... Computer Emergency Response Teams, and Digital Investigations. ...
    (Security-Basics)