From: "Geo" 

This is a multi-part message in MIME format.

------=_NextPart_000_0059_01C5CB78.EE3657A0
Content-Type: text/plain;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

enabled and up to date antivirus means nothing. I can't count the number =
of Norton protected machines that are trojaned that I see on a daily =
basis.

Geo.
  "Rich"  wrote in message news:43455f13$1{at}w3.nls.net...
     First, DRM is irrelevant here and unless you are trying to spread =
FUD I don't see why you would mention it.

     As for the rest, you should be going back in time.  See =
http://www.microsoft.com/technet/security/prodtech/windowsserver2003/quar=
antineservices/default.mspx.  You can perform whatever validation you =
want on the client.  Typical checks would be to verify that client =
security policy is met such as enabled and up to date antivirus and =
firewall.

     In Longhorn this gets extended to the LAN.  See =
http://www.microsoft.com/windowsserver2003/technologies/networking/nap/de=
fault.mspx.

     I believe Cisco also has products in this space.

  Rich


    "John Beckett"  wrote in =
message news:fpq9k19od4ntbh0flgobh19p4kclbgqetn{at}4ax.com...
    "Geo"  wrote in message =
news::
    > I guess I'm stupid but I only use VPN's to link secure networks =
together,
    > using one to allow an insecure computer total access to a secure =
network
    > seems like a security accident just waiting to happen.. Insecure =
machines
    > like wandering laptops belong on their own network firewalled from =
the
    > secure network with only limited access.

    We live in interesting times...

    Fast-forwarding to the future by, say, two years:
    The only half-way decent procedure to allow a roaming laptop to have
    remote access to your network is to require that the laptop be =
running a
    DRM-protected system, including hardware, BIOS and OS. That way, you =
will
    know that only trusted software is running on the machine.

    Anything less than the Microsoft/Intel/et-al DRM initiative means =
you just
    won't be able to allow roaming machines to connect to the core =
office
    network.

    John

------=_NextPart_000_0059_01C5CB78.EE3657A0
Content-Type: text/html;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable








enabled and up to date antivirus means =
nothing. I=20
can't count the number of Norton protected machines that are trojaned = that I see=20
on a daily basis.
 
Geo.

  "Rich" <{at}> wrote in message news:43455f13$1{at}w3.nls.net...
     First,
DRM is irrelevant =
here and=20
  unless you are trying to spread FUD I don't see why you would mention=20
  it.
   
     As for
the rest, you =
should be going=20
  back in time.  See http://www.microsoft.com/technet/security/prodtech/windowsserver2=
003/quarantineservices/default.mspx">http://www.microsoft.com/technet/sec=
urity/prodtech/windowsserver2003/quarantineservices/default.mspx.&nbs=
p;=20
  You can perform whatever validation you want on the client.  =
Typical=20
  checks would be to verify that client security policy is met such as =
enabled=20
  and up to date antivirus and firewall.
   
     In
Longhorn this gets =
extended to=20
  the LAN.  See http://www.microsoft.com/windowsserver2003/technologies/networkin=
g/nap/default.mspx">http://www.microsoft.com/windowsserver2003/technologi=
es/networking/nap/default.mspx.
   
     I
believe Cisco also has =
products in=20
  this space.
   
  Rich
   
   
  
    "John Beckett" <FirstnameSurname{at}com=">mailto:FirstnameSurname{at}compuserve.com.omit">FirstnameSurname{at}com=
puserve.com.omit>=20
    wrote in message news:fpq9k19od4n=
tbh0flgobh19p4kclbgqetn{at}4ax.com..."Geo"=20
    <georger{at}nls.net>">mailto:georger{at}nls.net">georger{at}nls.net>
wrote =
in=20
    message 

------=_NextPart_000_0059_01C5CB78.EE3657A0--

--- BBBS/NT v4.01 Flag-5