Security Inside the firewall

Discussion in 'Security Software' started by Brian Newcomb, Sep 15, 2003.

  1. Does anyone know what service or product might be
    available to protect the trusted side of our network? We
    use DHCP and allow instructors and students to attach
    their own laptop to the network, but if they are not
    patched, infected, or have a worm, our firewall is
    useless.
    Is there any way to prevent machines that aren't updated
    from getting a DHCP address from the server?
     
    Brian Newcomb, Sep 15, 2003
    #1

  2. rob Guest

    If you allow them to attach these wild machines to your
    network, you're trusting them. The answer is to develop
    some kind of vetting process to make sure the machines
    qualify to be attached to your network. Consider creating
    a "sandbox" subnet and server for the untrusted machines,
    and using static IP on your protected network. The bottom
    line is if you continue to allow the visiting machines in,
    you're gonna have trouble unless you do something to make
    sure they are clean first. You can also mitigate the
    potential for damage by instituting stringent network
    security settings and running good centrally managed
    anti-virus software, maybe make having YOUR antivirus client on
    the machines a pre-requisite for connecting to the
    network. The only other possible strategy that comes to
    mind is running individual firewalls on the machines in
    the network, which is a management nightmare, but doable.
     
    rob, Sep 15, 2003
    #2

  3. Jeff Cochran Guest

    Network AV software, intrusion detection software, use of group
    policies and the like can help, but the best method is a written
    policy that no system will be connected to the network that isn't
    running current AV software. Besides, there's no reason they can't be
    attaching to an isolated network with a firewall between that network
    and your internal net.

    Jeff
     
    Jeff Cochran, Sep 15, 2003
    #3
  4. This isn't directly useful advice, as the other two replies definitely are,
    but here's a feature to consider for the future:

    http://www.microsoft.com/windowsserver2003/techinfo/overview/quarantine.mspx
     
    Bill Sanderson, Sep 16, 2003
    #4
  5. Gary Flynn Guest

    http://www.security.uconn.edu/netregscan/

    --
    Gary Flynn
    Security Engineer - Technical Services
    James Madison University

    Please R.U.N.S.A.F.E.
    http://www.jmu.edu/computing/runsafe
     
    Gary Flynn, Sep 16, 2003
    #5
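
An added example, not written by any poster in this thread: one way to express the "sandbox subnet" idea from replies #2 and #3 at the DHCP layer, so that only vetted machines receive a lease on the protected subnet. It assumes an ISC dhcpd server; the subnets, addresses, host name and MAC address are all constructed.

```conf
# dhcpd.conf sketch (assumption: ISC dhcpd). All values below are constructed.
authoritative;
default-lease-time 3600;
max-lease-time 7200;

# A machine becomes "known" once it has passed the vetting process and its
# MAC address has been registered with a host declaration like this one.
host instructor-laptop-01 {
  hardware ethernet 00:11:22:33:44:55;   # constructed MAC
}

# Both subnets are served on the same wire, so they share one shared-network.
shared-network campus {

  # Protected subnet: leases go to registered (known) clients only.
  subnet 10.10.0.0 netmask 255.255.255.0 {
    option routers 10.10.0.1;
    option domain-name-servers 10.10.0.10;
    pool {
      range 10.10.0.100 10.10.0.200;
      deny unknown-clients;
    }
  }

  # Sandbox subnet: unregistered machines land here with short leases.
  # Assumption: the firewall at 192.168.99.1 permits traffic from this
  # subnet only to the patch and antivirus update servers.
  subnet 192.168.99.0 netmask 255.255.255.0 {
    option routers 192.168.99.1;
    option domain-name-servers 192.168.99.1;
    default-lease-time 300;
    max-lease-time 600;
    pool {
      range 192.168.99.50 192.168.99.250;
      allow unknown-clients;   # allow list: known clients never draw from this pool
    }
  }
}
```

A MAC registration identifies a machine but does not authenticate it, and a hand-configured static address never asks DHCP at all, so the firewall between the sandbox and the internal network still has to do the enforcement.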