Gatekeeper
by Volker Weber
I have seen a security solution, but I can't remember the vendor, or how it works. Here is what happens:
You dial into a VPN. You log in with user name, pin and Secure-ID. After your credentials are checked, a browser windows opens, loads an ActiveX which scans your computer. In case you need them, it will install the latest anti-virus updates, and reload the policies in your personal firewall. After your computer has been approved, you get access to the company network.
This seems to be a smart solution. Who is offering software which does that?
Comments
Just one question: What happens if you have disabled ActiveX because of security issues?
whale communications ssl vpn gateway checks client-side security. even on non-ie browsers.
SecureClient von Check Point plus natürlich dem ACE-Server von RSA.
Da gibt's natürlich auch was von Cisco ;-)
Die VPN 3000 Access Concentrator Serie hat
"Network Admission Control (NAC)", das Ganze
gibt's auch als Appliance (Cisco Clean Access)
oder für größere Router...
We use Zen by Novell and its a PITA.
The technology you are looking for is called SSL VPN and it's pretty much an established market in the US and UK, maybe two years ahead of Germany. Individual vendors' definitions of the term still vary. Some implementations require client components to work even for web apps (since they tunnel network connections), some don't. Of those that don't, most choke on complex applications like iNotes or SAP if you're not tunneling network connections (hence not relying client components) since the gateway will have to rewrite URLs in links, JavaScript, Cookies, Referer headers etc. which may require application knowledge. You may want to have a look at this German Wikipedia article.
To get a grasp of the challenges involved in re-writing web applications for central access, you could experiment with Apache's mod_proxy, mod_proxy_html modules with complex web apps.