How to incorporate TPM (Trusted Platform Module)

Matthew Ratliff
Level 1

Have any of you ever used TPM to secure a VPN connection into a corporate network? I'm interested in doing two-factor authentication. Ideally, only laptops that I authorize will have access to the VPN tunnel. If the laptop were to be lost or stolen, I'd like to have the ability to disallow its connection by revoking a cert, for example. What are your thoughts on this and what steps have you taken to get this implemented? The firewall is an ASA5510. Thanks!

1 Reply

didyap
Level 6

There is a difference between trusting a user (after passing strong user authentication) and trusting that user's computer. While the former has traditionally been emphasized, only recently has the latter been given sufficient attention (see Trusted Platform Module - TPM). As discussed earlier, a Trojan-laden computer defeats strong user authentication. But a “company computer”, which is typically supported and managed according to corporate security policies, typically deserves more trust than a “non-company computer”. A secure SSL VPN infrastructure should allow you to verify a remote host's identity by checking on predefined end device parameters. Examples include registry entries, special files in a specified location, or digital certificates (as a form of device authentication). The host identity information can be used to make your access permission decisions.
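
One way the certificate-based device check from the reply could be configured on an ASA, so that a lost laptop is cut off by revoking its certificate at the CA. This is an added example, not part of the original thread. The names `DEVICE-CA` and `CORP-VPN`, the `outside` interface, and an ASA 8.x software release with an internal CA that publishes a CRL are all assumptions.

```text
! Added example (not from the thread). Names DEVICE-CA, CORP-VPN and the
! interface name "outside" are assumptions; adjust to the local design.
!
! Assumption: each authorized laptop holds a certificate issued by an
! internal CA, with the private key kept in the laptop's TPM so it cannot
! be copied to another machine.
!
! 1. Trust the internal CA that issues the laptop certificates and make
!    the ASA check every presented certificate against the CA's CRL.
!    With "revocation-check crl" alone, a certificate is rejected when it
!    is revoked and also when no CRL can be retrieved (fail closed).
crypto ca trustpoint DEVICE-CA
 enrollment terminal
 revocation-check crl
!
! 2. Ask SSL VPN clients for a certificate on the outside interface.
ssl certificate-authentication interface outside port 443
!
! 3. Require BOTH factors on the connection profile: a valid device
!    certificate (trusting the computer) and AAA credentials (trusting
!    the user).
tunnel-group CORP-VPN type remote-access
tunnel-group CORP-VPN webvpn-attributes
 authentication aaa certificate
!
! Lost or stolen laptop: revoke its certificate at the CA and publish a
! new CRL. The next connection attempt from that laptop fails at the
! certificate step, before the user is prompted for credentials.
```

The CA certificate still has to be imported into the trustpoint, and the CRL distribution point must be reachable from the ASA; otherwise the fail-closed setting above blocks every laptop, not only revoked ones.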
