04-26-2010 05:27 AM
Hi All,
Just curious to know security risks of allowing RDP to a system on company network through Cisco Web / SSL VPN from usually unsecured / unmanaged employees personal laptops / home PCs?
This is needed to strategize new VPN policy for the org. Any inputs would be highly appreciated.
Thanks,
Satishcp
04-30-2010 11:07 AM
I would suggest using The Endpoint assessment tool built into the Anyconnect/ASA to check for the existence of up to date AV and patches....or use a 3rd party tool to do this.
04-30-2010 11:30 AM
We use the posture assessment extensively and have different tiers of access. In short, if a user is connecting with a laptop that has been imaged and is managed by us and all the proper security controls are in place then they can use AnyConnect thus providing full network access.
We make use of the RDP java plug-in on the Web Portal for users connecting with a non-corporate asset but they at the very least must have up to date AV and a personal FW installed.
No AV or FW - very limited access to a small subset of web resources.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide