How can ISE and Stealthwatch protect remote users

NeoK
Level 1

Hi everyone,

So I got a question from a client about how remote users who choose to connect to their cloud/Internet by "by-passing" VPN, and basically also by-passing ISE, can still be protected and have their data protected too? Can we enforce a policy that prevents them from connecting to the network if they don't connect via VPN? They have ISE already running and are now about to implement Stealthwatch. I'm still a novice at both solutions. Any thoughts?

2 Replies

Colby LeMaire
VIP Alumni

Not sure I understand completely.  Your customer has a corporate network with a perimeter, protected by a firewall (hopefully), that allows remote users to VPN in, and ISE is used for authentication of those VPN connections.  ISE possibly authenticates their wired and wireless users too but we are talking about remote users.  You are saying that they want to block remote users from accessing corporate resources if they are not connected to the VPN, right?  Their perimeter firewall should not allow any connections from the outside to the inside of their network.  The firewall should only allow source IP addresses from the remote access VPN pool to connect to the inside.  That will prevent someone from the Internet from gaining access.  That should already be in place.  If your client also has cloud-based resources and they want to prevent just anyone accessing that, then the cloud-based system should have some filtering to only allow source IP addresses from your corporate-owned IP space.

Not sure if that is what you are looking for.  Can you elaborate on what you mean by "by-passing" VPN?
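
The source-address filtering described in the reply above can also be checked after the fact against access logs. The following is an added example, not part of the original thread: it flags connections whose source IP falls outside the VPN pool or corporate-owned space. The address ranges, the log format and the function names are assumptions made for illustration.

```python
import ipaddress

# Assumed ranges (documentation/private values, not taken from the thread).
ALLOWED_SOURCES = [
    ipaddress.ip_network("10.99.0.0/24"),    # remote-access VPN pool, as seen by the inside firewall
    ipaddress.ip_network("203.0.113.0/28"),  # corporate-owned public space, as seen by the cloud service
]

# Constructed access-log lines: "<timestamp> <user> <source-ip> <resource>"
SAMPLE_LOG = """\
2024-05-01T08:02:11Z alice 203.0.113.5 crm.example.com
2024-05-01T08:05:40Z bob 198.51.100.23 crm.example.com
2024-05-01T08:09:02Z carol 10.99.0.14 fileshare.internal
garbled entry
2024-05-01T08:11:30Z dave ::ffff:203.0.113.9 crm.example.com
2024-05-01T08:12:55Z erin 2001:db8::7 crm.example.com
2024-05-01T08:13:01Z frank 999.1.1.1 crm.example.com
"""


def is_allowed_source(text):
    """True only if text parses as an IP inside an allowed range (fail closed)."""
    try:
        ip = ipaddress.ip_address(text)
    except ValueError:
        return False
    # Dual-stack front ends may log IPv4 clients as ::ffff:a.b.c.d
    mapped = getattr(ip, "ipv4_mapped", None)
    if mapped is not None:
        ip = mapped
    return any(ip in net for net in ALLOWED_SOURCES)


def audit(log_text):
    """Return (bypass, malformed): hits from outside the allowed ranges, and unparsable line numbers."""
    bypass, malformed = [], []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        fields = line.split()
        if len(fields) != 4:
            malformed.append(lineno)
            continue
        _, user, src, resource = fields
        if not is_allowed_source(src):
            bypass.append((user, src, resource))
    return bypass, malformed


if __name__ == "__main__":
    bypass, malformed = audit(SAMPLE_LOG)
    for user, src, resource in bypass:
        print(f"outside VPN/corporate space: {user} from {src} -> {resource}")
    print(f"unparsable lines: {malformed}")
```

A source address that does not parse is treated as not allowed, so a malformed or spoofed field shows up in the report instead of passing silently.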

I think you might actually have answered my question, thank you.

By "by-passing" VPN I meant that the client said sometimes the remote users choose not to use VPN to connect to their internal cloud and to the Internet even though they have it installed, so they worry that this could pose a threat. They wanted to know how they could still ensure the security of their company resources when this happened.