Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
492
Views
0
Helpful
6
Replies

VPN 3030 Concentrator -- Antivirus

r-tyrell
Level 1
Level 1

‎08-19-2003 08:22 AM - edited ‎02-21-2020 12:43 PM

Is there a way to configure the 3030 to require a client to have antivirus software?

Thanks

Labels:
0 Helpful
6 Replies 6

Trickster
Level 1
Level 1

‎08-20-2003 01:48 AM

Err, no there ain't. However, if you use something like iPass (www.ipass.com) for your internet connection, that can check for the presence of AV and PFW's before allowing a connection to the Internet and subsequently to the 3030.

0 Helpful

andifur
Level 1
Level 1
In response to Trickster

‎08-20-2003 05:59 PM

Try zone labs integrity server. It looks to AV and it also does policy based gateway enforcement. Have been using it for about 1 monh now. Not bad...

0 Helpful

gfullage
Cisco Employee
Cisco Employee

‎08-20-2003 07:49 PM

Yes definately. The VPN client (from 3.6 onwards) also actually has a firewall built into it, which you can leave turned on even if the VPN client isn't running.

Other than that, you can configure the concentrator group to require that the client has anti-virus software running before it will establish a connection. We currently support (as of 4.0) BlackIce, ZoneAlarm, ZA Pro, ZA Integrity, Sygate PFW, Sygate PFW Pro, Sygate Security Agent and Cisco Security Agent.

Check the Client FW tab under the group on the concentrator, the online help has all the info you need to configure it (you don't need to do anything on the client specifically other than have the appopriate firewall SW running).

0 Helpful

r-tyrell
Level 1
Level 1
In response to gfullage

‎08-21-2003 05:36 AM

Thanks for the reply. We currently run Symantec Corporate Edition. Any plans to support Symantec in the future?

0 Helpful

poh
Level 1
Level 1
In response to gfullage

‎01-02-2004 05:06 PM

I've looked for the option to specify antivirus requirement for vpn users before they connect, but cannot find it. You have a link for this?

thx in advance...POH

0 Helpful

shannong
Level 4
Level 4
In response to poh

‎01-03-2004 10:30 AM

Cisco is releasing NAC soon. (network access control) NAC will have a client app called the Trust Agent. The next hop router inside the network can make sure the end client conforms to specifications (app versions, anti-virus client, etc) before routing the traffic from that client by communicating with the Trust Agent.

I'm sure they'll probably update the VPN concentrator to interact direclty with the Trust Agent as well as it makes obvious sense to do so.

0 Helpful
Customers Also Viewed These Support Documents