RE: Would AV plugin stop VPN infections?
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 19 Aug 2003 20:22:39 -0500
Hi Mark,
Same as with any other VPN connection: packet filters are created to
allow the VPN connection inbound.
HTH,
Tom
Thomas W Shinder
www.isaserver.org/shinder
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
-----Original Message-----
From: Mark Hippenstiel [mailto:M.Hippenstiel@xxxxxxxxxxxx]
Sent: Tuesday, August 19, 2003 2:38 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Would AV plugin stop VPN infections?
http://www.ISAserver.org
Tom,
how does this integrate with ISA then?
Mark
-----Original Message-----
From: Thomas W Shinder
[mailto:tshinder@xxxxxxxxxxxxxxxxxx]
Posted At: Monday, August 18, 2003 6:39 PM
Posted To: www.isaserver.org
Conversation: [isalist] RE: Would AV plugin stop VPN
infections?
Subject: [isalist] RE: Would AV plugin stop VPN
infections?
http://www.ISAserver.org
Hi Steve and William,
The VPN Quarantine feature is something you get with the
Win2003 VPN service. You can use it to "pre-qualify" your VPN clients
before allowing them access into your network. Once they pass the
pre-qualification process (have AV software installed,
anti-spyware/scumware software installed, have the appropraiate SPs and
hotfixes installed, etc), then they are allowed access to the network.
Very cool stuff. I'm hoping I'll be able to get an ISA Server 2000 VPN
Quarantine Kit together in the future. You could have even checked for
the Blaster registry entries on the VPN clients before letting them in,
IIRC.
For more info, check out www.microsoft.com/vpn They have
some stuff there on the subject, and I'll be writing more about it in
the near future.
HTH,
Tom
Thomas W Shinder
www.isaserver.org/shinder
<http://www.isaserver.org/shinder>
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
<http://tinyurl.com/1llp>
-----Original Message-----
From: Steve Moffat
[mailto:steve@xxxxxxxxxxxxxxxxxxxxxxxxxx]
Sent: Monday, August 18, 2003 11:14 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Would AV plugin stop VPN
infections?
http://www.ISAserver.org
Ok Dr Shinder, can you elaborate on VPN
Quarantine...:))
Steve
_____
From: Thomas W Shinder
[mailto:tshinder@xxxxxxxxxxxxxxxxxx]
Sent: Monday, August 18, 2003 11:00 AM
To: [ISAserver.org Discussion List]
http://www.ISAserver.org
Hi William,
ISA firewalls don't inspect VPN traffic, as its
LAT traffic. However, if you have Windows Server 2003 based ISA
firewalls, then you can use the VPN Quarantine to get what you want
accomplish.
HTH,
Tom
Thomas W Shinder
www.isaserver.org/shinder
<http://www.isaserver.org/shinder>
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
<http://tinyurl.com/1llp>
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory:
http://www.serverfiles.com
No.1 Exchange Server Resource Site:
http://www.msexchange.org
Windows Security Resource Site:
http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org
Discussion List as: isaserver@xxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion
List as: tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')
Other related posts:
