Tackling VPN security without firewalls

With this latest round of worms it became apparent that our biggest exposure was NOT our front door (the firewall), but rather the back door (laptops brought in from vendors/home, VPN users without firewalls). How are most organizations tackling the issue of protecting those devices? We've tried to mandate antivirus software and firewalls, but how can we technically force compliance?
Ah, here's the six million dollar question. Do you remember when most viruses were spread by floppy disks from home or other offices? We tried implementing stations at which everyone had to go and scan their disks before they could be used. Sometimes the station became infected and gave clean floppies viruses. It was an impossible task, and finally, we just eliminated the floppy drives on desktop computers.

Some companies I know are requiring that laptop computers be scanned before use (another impossible task). Others...

are attempting to use personal firewalls on laptops to prevent worms from leaving infected computers.

I don't know of a 100% sure technical control. (How can you prevent the laptop user from finding a network port and plugging in his laptop?) We've spent decades getting wired access everywhere, but how much of it do we really control? But one idea floating around is to require any new connection to the network to be authenticated and screened for adherence to security policy, just like we require external access to be screened. The security policy may include personal firewall, antiviral, etc.

This was first published in October 2003

Dig Deeper on Network intrusion detection and prevention and malware removal



Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:



  • VDI assessment guide

    Wait! Don't implement VDI technology until you know your goals and needs. A VDI assessment should consider the benefits of a VDI ...

  • Guide to calculating ROI from VDI

    Calculating ROI from VDI requires a solid VDI cost analysis. Consider ROI calculation models, storage costs and more to determine...

  • Keep the cost of VDI storage under control

    Layering, persona management tools and flash arrays help keep virtual desktop users happy and VDI storage costs down.