Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Security concerns around Web VPN / RDP

Hi All,

Just curious to know security risks of allowing RDP to a system on company network through Cisco Web / SSL VPN from usually unsecured / unmanaged employees personal laptops / home PCs?

This is needed to strategize new VPN policy for the org.  Any inputs would be highly appreciated.

Thanks,

Satishcp

Everyone's tags (2)
2 REPLIES
New Member

Re: Security concerns around Web VPN / RDP

I would suggest using The Endpoint assessment tool built into the Anyconnect/ASA to check for the existence of up to date AV and patches....or use a 3rd party tool to do this.

New Member

Re: Security concerns around Web VPN / RDP

We use the posture assessment extensively and have different tiers of access.  In short, if a user is connecting with a laptop that has been imaged and is managed by us and all the proper security controls are in place then they can use AnyConnect  thus providing full network access.

We make use of the RDP java plug-in on the Web Portal for users connecting with a non-corporate asset but they at the very least must have up to date AV and a personal FW installed.

No AV or FW - very limited access to a small subset of web resources.

515
Views
0
Helpful
2
Replies