Question of the Day:
I am wondering what other organizations are doing regarding VPN security issues. I have had a hard time finding resources that talk about securing VPN users. Alot of sites say that VPN’s fix security holes but it seems like they just introduce more security issues for remote users.
Here are the questions I am wondering about:
1)Who are your remote users? ie) company owned machines or individual owned machines.
2)How do you protect against viruses from remote VPN users? Please be very detailed.
3)How do you install applications on remote users computers and how to you update and support these appliations.
4) Do you use terminal services such as Windows 2000 or Citrix Metaframe for applications?
5) How did you determine the server and bandwidth requirements for terminal server connections.
6) Have you used terminal services through a browser and what were your experiences?
7) If you use Citrix over Windows 2000 please explain the benefits you have found of Citrix compared to Windows 2000.
8) URL’s of good security resources that talk about securing remote VPN users. I am not looking for sites that say that a VPN fixes all of my security concerns because it does not. In fact VPNs create even more security concerns.
8) What software are you using for virus’s and/or remote user firewall software.
Here is my plan,
Have users connect to corporate network via the VPN. During each logon McAfee thin clint would puch out new virus definitions and would report viruses detected. Once this was complete the use could then connect to the terminal server for applications.
Thanks!
