Contributor

What do people do with third party VPN access

Hi All

What do people do regarding third party VPN access to their network? If we have people connecting with no agents etc., how can we enforce policies etc.?

Are there certain things people check for etc. for third party compliance?

cheers

Cisco Employee

Re: What do people do with third party VPN access

Carl, can you define what you mean by "third party compliance"? A specific example would be helpful.

Contributor

Re: What do people do with third party VPN access

For example,

We have third party support companies access our systems for support etc. We lock these down via our ASA to specific servers etc., but how do we know they are running AV and a patched PC?

What if the third party will not let us put a client on their PC?

How would we go about this? What does everyone else do?

Cisco Employee

Re: What do people do with third party VPN access

Thank you - that helps clarify... I thought you were asking about other networking vendors' VPN/Firewalls with ISE!

I'd say these are your options:

1) lock down their VPN access with ACLs to only the specific services (hosts & ports) as you are doing

2) give them one of your corporate laptops with your approved/required software, anti-malware, etc.

3) virtual desktops

 

Collaborator

Re: What do people do with third party VPN access

Hi,

   

If you don't have control over the remote PCs, you first restrict their access at the IP level (ACL or VPN filter), and after decryption you take the traffic as untrusted; so you integrate it within your company's threat detection architecture; you have an inline NGFW/IPS to detect layer 4-7 attacks; you have your SOC monitoring the events and taking actions.

 

Regards,

Cristian Matei.
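
Both replies above recommend restricting third-party VPN access with an ACL or VPN filter to specific hosts and ports. The following is an added example, not code from any poster in this thread: a small Python audit that flags permit entries in an ASA-style extended ACL that are wider than one host and one port. The ACL name, addresses and the helper names `take_addr` and `audit_vpn_filter` are constructed for illustration, and the parser assumes plain `any` / `host` / network-mask address forms with no object-groups or source-port operators.

```python
import ipaddress

# Constructed sample of an ASA-style extended ACL used as a vendor VPN filter.
# Assumption: source is the vendor's VPN address pool, destination is internal.
SAMPLE_ACL = """\
access-list VENDOR-FILTER extended permit tcp 10.99.0.0 255.255.255.0 host 192.168.10.20 eq 3389
access-list VENDOR-FILTER extended permit tcp 10.99.0.0 255.255.255.0 host 192.168.10.21 eq 443
access-list VENDOR-FILTER extended permit ip 10.99.0.0 255.255.255.0 192.168.10.0 255.255.255.0
access-list VENDOR-FILTER extended permit tcp 10.99.0.0 255.255.255.0 host 192.168.10.22
access-list VENDOR-FILTER extended permit tcp 10.99.0.0 255.255.255.0 any eq 22
access-list VENDOR-FILTER extended deny ip any any
"""

def take_addr(tokens):
    """Consume one address spec; return (network, or None for 'any', remaining tokens)."""
    if tokens[0] in ("any", "any4"):
        return None, tokens[1:]
    if tokens[0] == "host":
        return ipaddress.ip_network(tokens[1] + "/32"), tokens[2:]
    return ipaddress.ip_network(f"{tokens[0]}/{tokens[1]}"), tokens[2:]

def audit_vpn_filter(acl_text, max_hosts=1):
    """Return (line_no, reason) for each permit entry wider than host + port."""
    findings = []
    for n, line in enumerate(acl_text.splitlines(), 1):
        tok = line.split()
        if len(tok) < 6 or tok[0] != "access-list" or tok[2] != "extended":
            continue
        action, proto, rest = tok[3], tok[4], tok[5:]
        if action != "permit":
            continue
        try:
            _src, rest = take_addr(rest)   # vendor VPN pool
            dst, rest = take_addr(rest)    # internal destination
        except (ValueError, IndexError):
            findings.append((n, "not parsed; review manually"))
            continue
        if dst is None:
            findings.append((n, "destination is any"))
        elif dst.num_addresses > max_hosts:
            findings.append((n, f"destination covers {dst.num_addresses} addresses"))
        if proto not in ("tcp", "udp"):
            findings.append((n, f"protocol '{proto}' has no port restriction"))
        elif not rest or rest[0] != "eq":
            findings.append((n, "no single destination port (eq) given"))
    return findings

if __name__ == "__main__":
    for line_no, reason in audit_vpn_filter(SAMPLE_ACL):
        print(f"line {line_no}: {reason}")
```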