[Dshield] remote access question

Ian Cottrell ian.cottrell at rogers.com
Mon Mar 7 02:25:06 GMT 2005


Nortel, as part of their Contivity gateway solution, have a product called 
TunnelGuard.  This allows us to look for any name and version of software 
before the connection is allowed.  We currently check for VPN client version, 
AV engine and signature version and (software) firewall version.  Works 
rather well, although you must be vigilant at the office end.  

A couple of months ago, no one could connect because someone on my staff set 
an upper limit to the virus signature version.  As everyone updated their 
sigs to a version above the limit, they could no longer connect.  Needless to 
say, we no longer set an upper limit.

TunnelGuard runs on the Contivity box, so I guess that it will only work with 
the Nortel solution.  We had already selected Contivity as our VPN solution, 
mostly because of its strong support for Entrust PKI (a Canadian Gov't 
'standard').  TunnelGuard was a nice bonus for us.

Ian Cottrell
Happily retired from Dept of Justice (Canada)

> I'm looking for an automated solution that will scan my users' remote system
> checking to make sure their AV is up to date and running along with scanning
> for any nasties before they gain VPN access.  I don't even know if there is
> such a solution out there but I'm sure the list will know.  Maybe I could run
> some sort of script that would redirect them to something like Trend House
> Call before?
> 
> Thanx, Paul   

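
Added example, not part of the original post and not TunnelGuard's rule syntax: a pre-connection posture check over the four items the reply lists, showing how a ceiling on the signature version locks out clients that have updated while a minimum-only policy still rejects stale ones. The policy layout, field names and version numbers are hypothetical, constructed for illustration.

```python
# Added illustration; policy layout and field names are hypothetical,
# not TunnelGuard rule syntax.

def parse_version(text):
    """Turn '7.1.0' into (7, 1, 0) so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))

def check_posture(report, policy):
    """Return the list of failed checks; an empty list means admit."""
    failures = []
    for item, bounds in policy.items():
        found = report.get(item)
        if found is None:
            failures.append(f"{item}: not reported")
            continue
        version = parse_version(found)
        if version < parse_version(bounds["min"]):
            failures.append(f"{item}: {found} below minimum {bounds['min']}")
        # Optional ceiling: the kind of setting behind the outage described above.
        if "max" in bounds and version > parse_version(bounds["max"]):
            failures.append(f"{item}: {found} above maximum {bounds['max']}")
    return failures

# Constructed sample policies and client reports.
MIN_ONLY = {
    "vpn_client": {"min": "4.9"},
    "av_engine": {"min": "7.1"},
    "av_signatures": {"min": "4430"},
    "firewall": {"min": "3.0"},
}
WITH_CEILING = dict(MIN_ONLY, av_signatures={"min": "4430", "max": "4440"})

UPDATED_CLIENT = {"vpn_client": "4.91", "av_engine": "7.1.0",
                  "av_signatures": "4441", "firewall": "3.2"}
STALE_CLIENT = dict(UPDATED_CLIENT, av_signatures="4400")

if __name__ == "__main__":
    for name, policy in (("min only", MIN_ONLY), ("with ceiling", WITH_CEILING)):
        for label, report in (("updated", UPDATED_CLIENT), ("stale", STALE_CLIENT)):
            print(name, label, check_posture(report, policy) or "admit")
```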