Re: Remote User "Quarantine" and access control
- From: "Patrick Dickey" <pd1ckey43@xxxxxxxxxxxxxx>
- Date: Wed, 24 May 2006 22:55:55 -0500
"Steven L Umbach" <n9rou@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:%23MtiRxpeGHA.968@xxxxxxxxxxxxxxxxxxxxxxx
I have not used it myself but the link below should get you started on what it takes. From what I understand writing the scripts needed can be the challenging part to check for all the various antivirus programs. The article does have some sample scripts to get you started and if you Google you may be able to find more. --- Steve
Implementing Quarantine Services with Microsoft Virtual Private Network Planning Guide
http://www.microsoft.com/technet/security/prodtech/windowsserver2003/quarantineservices/default.mspx
http://www.microsoft.com/downloads/details.aspx?FamilyID=a290f2ee-0b55-491e-bc4c-8161671b2462&displaylang=en --- sample scripts
"Jose" <Jose@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:617A9155-4ADA-4657-9DFC-B3A728824C9B@xxxxxxxxxxxxxxxxI was at a Microsoft seminar a year or two ago that covered laptop or remote
user access security and how Windows Server and other Micorosoft technologies
could be used to control remote user access to business LAN.
They talked about being able to set up VPN access to LAN and being able to
scan remote user laptop/desktop to verify whether it's patches and updates
were up to date and if they were the remote user was allowed into LAN if if
they were not up to date then the remote user was "quarantined" and not
allowed access to the LAN until it was updated and then allowed into LAN.
What is required to do this and is there any documentation on how to set
this up?
Thanks,
Jose
Could you write a script that quarantines the laptop until MBSA scans it? If it's a company laptop, you could implement a policy that they have to install (or keep) the necessary files for MBSA to scan the laptop. If it's a personal laptop, IMVHO, it has no business even being on the company network, so that makes the job even easier.
After MBSA runs, and verifies whether or not the updates are installed, you can either un-quarantine or keep it in quarantine based on the results.
--
Patrick Dickey
Smile... Someone out there cares deeply for you.
http://www.pats-computer-solutions.com
http://www.microsoft.com/protect
http://update.microsoft.com
.
- Follow-Ups:
- Re: Remote User "Quarantine" and access control
- From: Steven L Umbach
- Re: Remote User "Quarantine" and access control
- References:
- Re: Remote User "Quarantine" and access control
- From: Steven L Umbach
- Re: Remote User "Quarantine" and access control
- Prev by Date: Re: Sharing Encrypted Documents with Certificates
- Next by Date: Re: possible system intruder XP
- Previous by thread: Re: Remote User "Quarantine" and access control
- Next by thread: Re: Remote User "Quarantine" and access control
- Index(es):
