TIP: Click on subject to list as thread! ANSI
echo: nthelp
to: John Beckett
from: Rich
date: 2005-10-06 10:31:26
subject: Re: VPNs
From: "Rich" 

This is a multi-part message in MIME format.

------=_NextPart_000_02D0_01C5CA61.1B523CE0
Content-Type: text/plain;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

   First, DRM is irrelevant here and unless you are trying to spread FUD =
I don't see why you would mention it.

   As for the rest, you should be going back in time.  See =
http://www.microsoft.com/technet/security/prodtech/windowsserver2003/quar=
antineservices/default.mspx.  You can perform whatever validation you =
want on the client.  Typical checks would be to verify that client =
security policy is met such as enabled and up to date antivirus and =
firewall.

   In Longhorn this gets extended to the LAN.  See =
http://www.microsoft.com/windowsserver2003/technologies/networking/nap/de=
fault.mspx.

   I believe Cisco also has products in this space.

Rich


  "John Beckett" 
wrote in message =
news:fpq9k19od4ntbh0flgobh19p4kclbgqetn{at}4ax.com...
  "Geo"  wrote in message
news::
  > I guess I'm stupid but I only use VPN's to link secure networks =
together,
  > using one to allow an insecure computer total access to a secure =
network
  > seems like a security accident just waiting to happen.. Insecure =
machines
  > like wandering laptops belong on their own network firewalled from =
the
  > secure network with only limited access.

  We live in interesting times...

  Fast-forwarding to the future by, say, two years:
  The only half-way decent procedure to allow a roaming laptop to have
  remote access to your network is to require that the laptop be running =
a
  DRM-protected system, including hardware, BIOS and OS. That way, you =
will
  know that only trusted software is running on the machine.

  Anything less than the Microsoft/Intel/et-al DRM initiative means you =
just
  won't be able to allow roaming machines to connect to the core office
  network.

  John

------=_NextPart_000_02D0_01C5CA61.1B523CE0
Content-Type: text/html;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable








   First,
DRM is irrelevant =
here and=20
unless you are trying to spread FUD I don't see why you would mention=20
it.
 
   As for
the rest, you =
should be going=20
back in time.  See http://www.microsoft.com/technet/security/prodtech/windowsserver2=
003/quarantineservices/default.mspx">http://www.microsoft.com/technet/sec=
urity/prodtech/windowsserver2003/quarantineservices/default.mspx.&nbs=
p;=20
You can perform whatever validation you want on the client.  =
Typical checks=20
would be to verify that client security policy is met such as enabled = and up to=20
date antivirus and firewall.
 
   In
Longhorn this gets =
extended to the=20
LAN.  See http://www.microsoft.com/windowsserver2003/technologies/networkin=
g/nap/default.mspx">http://www.microsoft.com/windowsserver2003/technologi=
es/networking/nap/default.mspx.
 
   I believe
Cisco also has =
products in=20
this space.
 
Rich
 
 

  "John Beckett" <FirstnameSurname{at}com=">mailto:FirstnameSurname{at}compuserve.com.omit">FirstnameSurname{at}com=
puserve.com.omit>=20
  wrote in message news:fpq9k19od4n=
tbh0flgobh19p4kclbgqetn{at}4ax.com..."Geo"=20
  <georger{at}nls.net>">mailto:georger{at}nls.net">georger{at}nls.net>
wrote =
in message=20
   * Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45)

SEEN-BY: 633/267 270 5030/786

@PATH: 379/45 1 106/2000 633/267
SOURCE: echomail via fidonet.ozzmosis.com

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.