From: "Rich"
This is a multi-part message in MIME format.
------=_NextPart_000_0363_01C5CB95.31D73440
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Check whatever you want. It's up to you.
Rich
"Geo" wrote in message
news:43470b84{at}w3.nls.net...
enabled and up to date antivirus means nothing. I can't count the =
number of Norton protected machines that are trojaned that I see on a = daily basis.
Geo.
"Rich" wrote in message news:43455f13$1{at}w3.nls.net...
First, DRM is irrelevant here and unless you are trying to spread =
FUD I don't see why you would mention it.
As for the rest, you should be going back in time. See =
http://www.microsoft.com/technet/security/prodtech/windowsserver2003/quar=
antineservices/default.mspx. You can perform whatever validation you =
want on the client. Typical checks would be to verify that client =
security policy is met such as enabled and up to date antivirus and =
firewall.
In Longhorn this gets extended to the LAN. See =
http://www.microsoft.com/windowsserver2003/technologies/networking/nap/de=
fault.mspx.
I believe Cisco also has products in this space.
Rich
"John Beckett"
wrote in =
message news:fpq9k19od4ntbh0flgobh19p4kclbgqetn{at}4ax.com...
"Geo" wrote in message =
news::
> I guess I'm stupid but I only use VPN's to link secure networks =
together,
> using one to allow an insecure computer total access to a secure =
network
> seems like a security accident just waiting to happen.. Insecure =
machines
> like wandering laptops belong on their own network firewalled =
from the
> secure network with only limited access.
We live in interesting times...
Fast-forwarding to the future by, say, two years:
The only half-way decent procedure to allow a roaming laptop to =
have
remote access to your network is to require that the laptop be =
running a
DRM-protected system, including hardware, BIOS and OS. That way, =
you will
know that only trusted software is running on the machine.
Anything less than the Microsoft/Intel/et-al DRM initiative means =
you just
won't be able to allow roaming machines to connect to the core =
office
network.
John
------=_NextPart_000_0363_01C5CB95.31D73440
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Check
whatever you =
want. It's up=20
to you.
Rich
"Geo" <georger{at}nls.net>">mailto:georger{at}nls.net">georger{at}nls.net>
wrote=20
in message news:43470b84{at}w3.nls.net...
enabled and up to date antivirus =
means nothing. I=20
can't count the number of Norton protected machines that are trojaned =
that I=20
see on a daily basis.
Geo.
"Rich" <{at}> wrote in message news:43455f13$1{at}w3.nls.net...
First, DRM is =
irrelevant here and=20
unless you are trying to spread FUD I don't see why you would =
mention=20
it.
As
for the rest, you =
should be=20
going back in time. See http://www.microsoft.com/technet/security/prodtech/windowsserver2=
003/quarantineservices/default.mspx">http://www.microsoft.com/technet/sec=
urity/prodtech/windowsserver2003/quarantineservices/default.mspx.&nbs=
p;=20
You can perform whatever validation you want on the client. =
Typical=20
checks would be to verify that client security policy is met such as =
enabled=20
and up to date antivirus and firewall.
In
Longhorn this gets =
extended to=20
the LAN. See http://www.microsoft.com/windowsserver2003/technologies/networkin=
g/nap/default.mspx">http://www.microsoft.com/windowsserver2003/technologi=
es/networking/nap/default.mspx.
I
believe Cisco also =
has products=20
in this space.
Rich
"John Beckett" <FirstnameSurname{at}com=">mailto:FirstnameSurname{at}compuserve.com.omit">FirstnameSurname{at}com=
puserve.com.omit>=20
wrote in message news:fpq9k19od4n=
tbh0flgobh19p4kclbgqetn{at}4ax.com..."Geo"=20
<georger{at}nls.net>">mailto:georger{at}nls.net">georger{at}nls.net>
=
wrote in=20
message * Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45)
SEEN-BY: 633/267 270 5030/786
@PATH: 379/45 1 106/2000 633/267
|