Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
769
Views
0
Helpful
2
Replies

Security concerns around Web VPN / RDP

satishcp
Level 1
Level 1

‎04-26-2010 05:27 AM

Hi All,

Just curious to know security risks of allowing RDP to a system on company network through Cisco Web / SSL VPN from usually unsecured / unmanaged employees personal laptops / home PCs?

This is needed to strategize new VPN policy for the org.  Any inputs would be highly appreciated.

Thanks,

Satishcp

Labels:
0 Helpful
2 Replies 2

trippi
Level 1
Level 1

‎04-30-2010 11:07 AM

I would suggest using The Endpoint assessment tool built into the Anyconnect/ASA to check for the existence of up to date AV and patches....or use a 3rd party tool to do this.

0 Helpful

Paul Carco
Level 1
Level 1

‎04-30-2010 11:30 AM

We use the posture assessment extensively and have different tiers of access.  In short, if a user is connecting with a laptop that has been imaged and is managed by us and all the proper security controls are in place then they can use AnyConnect  thus providing full network access.

We make use of the RDP java plug-in on the Web Portal for users connecting with a non-corporate asset but they at the very least must have up to date AV and a personal FW installed.

No AV or FW - very limited access to a small subset of web resources.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents