Re: Can ISA 2004 verify certain unknowns before authenticating to netw

Tech-Archive recommends: Fix windows errors by optimizing your registry

From: Jim Harrison [MSFT] (jmharr_at_online.microsoft.com)
Date: 11/18/04 

Date: Wed, 17 Nov 2004 19:25:21 -0800

ISA 2004 is better because you can apply policies to VPN clients, where you can't for ISA 2000.
Also, ISA 2004 knows how to use Windows 2003 VPN Quarantine to limit client access until they pass your requirements.
Check out this link for more information:
http://www.microsoft.com/isaserver/techinfo/guidance/2004/vpn.asp 

-- 
 Jim Harrison [ISASE]
 Read the help, books and articles!
 This posting is provided "AS IS" with no warranties, and confers no rights.
"ST3" <ST3@discussions.microsoft.com> wrote in message news:A61A1D95-6E4F-44FE-8C8C-65EB5F3CDCF5@microsoft.com...
We've got laptop users who are unfortunately granted local admin rights over
their machines.  While this makes for a higher level of usability on their
end, it makes for real problems when trying to manage and maintain security
on these machines.  I seem to recall there was a way to verify certain
unknowns before authenticating the user on the network and allowing them
access to file shares and other sensitive information.  I realize that I can
enforce policies on the RAS side for VPN connections, but that only seems to
enforce groups, times, length of sessions, etc.  I would like to verify that
the user's Anti-Virus Software is running and current (Symantec Enterprise).
I seem to recall seeing this done at a recent Microsoft Security Seminar
which focused on ISA 2004.  Can someone verify that it is possible and ISA
2004 is required?  I would rather know the answer before installing the
software and finding out it's not possible later.

Relevant Pages

  • Re: gateway vpn how-to?
    ... After configuring the "Set up Local ISA VPN Server" wizard, ... After that, reboot the server. ... VPN client connections", finish the configuration afterwards. ... Microsoft CSS Online Newsgroup Support ...
    (microsoft.public.windows.server.sbs)
  • Re: Outgoing VPN Error 619
    ... Outbound VPN problem: ... Q1 - is the test client configured as SecureNET? ... Q2 - what do you find in the ISA logs for your tests? ... I've checked in local network rules and I do have a rule called VPN clients ...
    (microsoft.public.isa.vpn)
  • Re: Switching IP address ranges
    ... ISA Server performs deep inspection of Internet ... inspection of all VPN traffic. ... Forth just because SBS is cheap it does not mean is bad. ... I used to believe on solid state firewalls (which SonicWall is not) but they ...
    (microsoft.public.windows.server.sbs)
  • RE: ISA2004 kills VPN outbound
    ... I understand that after you upgraded ISA 2000 to ISA ... 825763 How to configure Internet access in Windows Small Business Server ... Then, establish the VPN connection again, does it work this time? ... FW client and configure the client as a SecureNAT client. ...
    (microsoft.public.windows.server.sbs)
  • RE: Configuring ISA 2004 for outbound MS VPN access
    ... internal users to connect to an external VPN server through Microsoft ... Internet Security and Acceleration (ISA) Server 2004. ... remote VPN network is not in the local ISA server's LAT (for ISA 2004, ... Joining Networks over the Internet with a Gateway to Gateway VPN: ...
    (microsoft.public.windows.server.sbs)