Re: UTM that inspects VPN traffic for viruses?



On Jan 26, 1:26 am, Arjun <arjunhe...@xxxxxxxxx> wrote:
On Jan 25, 11:35 pm, 1crazyri...@xxxxxxxxx wrote:
On Jan 24, 1:25 am, Sean <rse...@xxxxxxxxx> wrote:

Scanning the content of a secure connection would be considered a
'man-in-the-middle' attack and would completely defeat the purpose.

Scanning incoming content from the Internet is no problem. I use
SafeSquid as content filtering proxy to control access to the net,
which is integrated with ClamAV to do just that at the gateway, with
satisfactory results. SafeSquid also has built-in connectivity to
other commercial AVs like Dr. Web, NOD32, Kaspersky, Sophos, Avast,
Trend Micro, Symantec, etc.

I don't know if this can be done, but this is just an idea, if it
would be helpful.
SafeSquid can also be deployed as a reverse proxy. You can granularly
configure who is allowed to access what, when and how much. So, I
think it should be possible to define IP based or authentication based
rules for the vendors, and define what they are allowed to access?
Again, all the content that you receive from the vendors, can also be
scanned. Would that be a workable solution?

I understand the concept of a VPN tunnel and how it is encrypted to
protect the data, but if my firewall is the endpoint, and it is
encrypting/decrypting data, doesn't that mean that it should be able
to inspect the data for malware?  I did a google and came up with the
paragraph below. I am aware that the device is intended for managed
service providers but the concept is the same and I would imagine it
could be provided on a device for a small to medium business.
thanks!

"MSSP: Virus-Free managed VPN Service
Taking advantage of Fortinet's integrated antivirus protection,
managed service providers can deliver the industry's most secure VPN
service by enabling Fortinet's advanced antivirus engine to block
incoming and outgoing VPN traffic that contains viruses, worms,
trojans, spyware and other malicious content to prevent virus
outbreaks from spreading from office to office. As an added benefit,
Fortinet's flexible VPN architecture allows for interoperability with
most IPSec VPN gateways. Regardless of the VPN CPE the customer has in
place, the FortiGate system deployed at the core will ensure virus-free
VPN traffic." http://www.fortinet.com/solutions/vpn.html

As I told you, if your firewall is going to act as the VPN gateway, the UTM
solution could very well do that... Instead, if your VPN gateway is inside
the firewall, then the UTM will not be able to check the content (as it's
encrypted)... Hope you get it.

Got it, and thanks.
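The point the thread settles on is about placement, not about antivirus engines: a UTM can only scan what it sees in plaintext, so it has to be the device that terminates the tunnel. The following toy model is an added example and is not code from this thread, from SafeSquid or from Fortinet. The "tunnel" is a stand-in XOR stream cipher built from SHA-256 (an assumption for illustration only, not IPsec), and the signature database and packet payload are constructed test strings.

```python
"""Toy model of where a UTM firewall can and cannot scan VPN traffic.

Added example, not code from the thread. The "VPN" is a stand-in stream
cipher built from SHA-256 (an assumption for illustration only, not IPsec);
the signatures and payload below are constructed test data.
"""
import hashlib
from typing import Dict, List, Optional

# Constructed signature database: name -> byte pattern the AV engine looks for.
SIGNATURES: Dict[str, bytes] = {
    "TEST-WORM-A": b"CONSTRUCTED-MALWARE-SAMPLE-A",
    "TEST-TROJAN-B": b"CONSTRUCTED-MALWARE-SAMPLE-B",
}


def keystream(key: bytes, length: int) -> bytes:
    """Deterministic keystream: SHA-256 over key || counter (toy, not IPsec)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def tunnel_crypt(key: bytes, data: bytes) -> bytes:
    """XOR with the keystream; the same call both encrypts and decrypts."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


def scan(data: bytes) -> List[str]:
    """Signature scan: return the names of every pattern found in data."""
    return [name for name, pattern in SIGNATURES.items() if pattern in data]


def utm_inspect(packet: bytes, tunnel_key: Optional[bytes]) -> List[str]:
    """What the UTM's AV engine reports for one packet seen on the wire.

    tunnel_key is known only when the scanning device itself terminates the
    tunnel (firewall == VPN gateway). When the VPN gateway sits behind the
    firewall, the UTM never holds the key and can only scan ciphertext.
    """
    visible = tunnel_crypt(tunnel_key, packet) if tunnel_key is not None else packet
    return scan(visible)


def demo() -> Dict[str, List[str]]:
    """Run the two deployments from the thread against the same packet."""
    key = b"constructed-site-to-site-key"  # constructed sample key
    payload = b"GET /report.xls ... CONSTRUCTED-MALWARE-SAMPLE-A ..."  # constructed
    on_the_wire = tunnel_crypt(key, payload)
    return {
        # Firewall terminates the VPN: it decrypts, so the AV engine sees plaintext.
        "firewall_terminates_vpn": utm_inspect(on_the_wire, key),
        # VPN gateway inside the firewall: the UTM only sees ciphertext.
        "vpn_gateway_behind_firewall": utm_inspect(on_the_wire, None),
    }


if __name__ == "__main__":
    print(demo())
```

The second case reports nothing not because the traffic is clean but because the scanner has no plaintext to match against; the fix is to move the scan to whichever device holds the key, exactly as Arjun's reply says.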


