Securing Mobile VPNs
Two companies have formed an alliance to proivide security and authentication to remote VPN logins. Read on to see if this may plug up some holes in your scheme.
SECURITAE, a company which specializes in managed desktop security, and networking company Alcatel have announced a technology alliance that provides Mobile VPN Alcatel Virtual Private Network (VPN) mobile users with an integrated security solution that controls access to the secure VPN tunnel that exists between personal computers and corporate VPN gateways.
Mobile users and telecommuters often use a secure path to access confidential corporate information and a second open path to access Internet information. This split-tunnel scenario can open up a hole into the corporate network, allowing an unauthorized user to gain access to the corporate network through the authorized user's secure VPN connection. SECURITAE's Centrally Managed Desktop Security (CMDS) and the Alcatel Secure VPN Client claim to secure this opening.
This extended desktop solution from Alcatel and SECURITAE is intended to allow mobile administrators and security officers to enforce an access policy that cannot be subverted by the end user. Policy can be mandated that the CMDS firewall must be active and running with an approved rule set before the VPN connection can be established. The firewall will also allow the client's IPSec-based control parameters to pass through the firewall, allowing VPN tunnel establishment.