Hot Stuff: Closing the VPN Door on Viruses

Posted on
Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone

It’s a truism that the security of VPN link doesn’t offer complete protection from threat or compromise, as many companies learned to their dismay during recent assaults from infections like SoBig, MyDoom, Netsky, and so forth. Just because users employ secure means to access networks remotely doesn’t mean that they haven’t picked up an infection elsewhere on the Internet.
This explains why current products from:



  • Trend Micro: PC-Cillin Internet Security, Network VirusWall, etc.
  • McAfee: VirusScan, Internet Security Suite, etc.
  • Symantec: Norton AntiVirus, Symantec VPN Sentry, etc.


include features that work with Check Point’s Firewall-1 and VPN-1 software. Before users can create a working VPN connection, they must not only be properly authenticated, but they must also provide information about their level of anti-virus currency. Similar efforts are underway at most other AV companies, and I’m sure most firewall vendors are either thinking about or doing something similar themselves as well.


Users who haven’t downloaded the most recent software updates and/or virus signatures won’t be allowed to connect until they’ve done so (and their systems check out as virus-free after scanning with the latest and greatest data). That may not make affected users happy, but it does provide a mechanism to prevent infected machines from establishing remote access to corporate networks.


Personally, I look at this as just one aspect of increasing client software support for checking security policy compliance before permitting remote users to access well-run networks. Similar trends are underway even for service providers: Time Warner Cable, for example, is now offering “free” anti-virus software and personal firewalls to its customers, and I suspect other ISPs are doing likewise. That’s because providing protection reduces downtime, unwanted overhead from Zombies or virus replication, and lowers overall support costs. This works as much for service providers as for enterprises, and helps to explain why things are trending so strongly in this direction.

Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone


Posted in Archive|