
What do people do with third party VPN access

carl_townshend
Spotlight

Hi All

What do people do regarding third-party VPN access to their network? If we have people connecting with no agents etc., how can we enforce policies etc.?

Are there certain things people check for etc. for third-party compliance?

cheers

4 Replies

thomas
Cisco Employee

Carl, can you define what you mean by "third party compliance"? A specific example would be helpful.

For example,

We have third-party support companies accessing our systems for support etc. We lock these down via our ASA to specific servers etc., but how do we know they are running AV and a patched PC?

What if the third party will not let us put a client on their PC?

How would we go about this? What does everyone else do?

Thank you - that helps clarify... I thought you were asking about other networking vendors' VPN/Firewalls with ISE!

I'd say these are your options:

1) lock down their VPN access with ACLs to only the specific services (hosts & ports) as you are doing

2) give them one of your corporate laptops with your approved/required software, anti-malware, etc.

3) virtual desktops

 

Hi,

   

    If you don't ave control over the remote PC's, you first restrict their access at the IP level (ACL or VPN filter), and after decryption you take the traffic as untrusted; so you integrate it within your company's threat detection architecture; you have an inline NGFW/IPS to detect layer4-7 attacks; you have your SOC monitoring the events and taking actions.

 

Regards,

Cristian Matei.
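
The ACL / VPN filter lock-down suggested in the replies above, sketched as an ASA group-policy for a third-party support vendor. This is an added example, not configuration posted by anyone in the thread; the names VENDOR_FILTER, VENDOR_POOL and VENDOR_GP, all addresses, and the timeout values are constructed placeholders.

```cisco
! Constructed example. Placeholders (assumptions, not from the thread):
!   10.99.0.0/24 = address pool handed out to the third-party VPN users
!   192.0.2.10   = the one server the vendor supports over RDP
!   192.0.2.20   = a second supported server (HTTPS admin interface)

! Too broad: every port on the whole server subnet is reachable.
! access-list VENDOR_FILTER extended permit ip 10.99.0.0 255.255.255.0 192.0.2.0 255.255.255.0

! Tightened: specific hosts and ports only. In a vpn-filter ACL the
! remote (VPN client) side is written as the source.
access-list VENDOR_FILTER extended permit tcp 10.99.0.0 255.255.255.0 host 192.0.2.10 eq 3389
access-list VENDOR_FILTER extended permit tcp 10.99.0.0 255.255.255.0 host 192.0.2.20 eq 443
! Explicit final deny with logging, so blocked attempts reach syslog
! and the SOC instead of disappearing into the implicit deny.
access-list VENDOR_FILTER extended deny ip any any log

! Dedicated pool: vendor traffic gets a recognisable source range that
! downstream NGFW/IPS rules and log searches can key on.
ip local pool VENDOR_POOL 10.99.0.10-10.99.0.50 mask 255.255.255.0

group-policy VENDOR_GP internal
group-policy VENDOR_GP attributes
 vpn-filter value VENDOR_FILTER
 address-pools value VENDOR_POOL
 vpn-simultaneous-logins 1
 vpn-idle-timeout 15
```

A vpn-filter change applies to new sessions; existing vendor sessions keep the old filter until they reconnect.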