Securing remote users

Nowadays, just when employees at every level want to connect through your virtual private network (VPN), it's getting increasingly difficult to enforce security policies. As a result, the network can be left open to worm and virus attacks.

According to Gartner analyst John Pescatore, companies that distribute personal firewalls, anti-virus software, and VPNs to remote users can't guarantee security, because there's no way to ensure that the remote PCs are running the required applications. How many times, for example, do you suspect your users have been prompted to update their anti-virus program, but ignored the prompts because they didn't want to interrupt their work?

That's where a new class of security policy enforcement products steps in. At N+I, InfoExpress is introducing its CyberGateKeeper Server, a new appliance scheduled to be available later this month that lets administrators enforce security policies for remote computers accessing the corporate network.

CyberGateKeeper Server works in conjunction with two existing InfoExpress products: CyberGateKeeper Agent and CyberGateKeeper Policy Manager. The Server sits between the VPN and the company network. When a remote system connects to the VPN, the Server requests audit information from the Agent.

The Server decides whether to allow or deny access to the corporate network based on policies configured by the Policy Manager. (Policies consist of rules that specify the criteria required to access the network.) If the configuration doesn't pass the audit, or if the agent isn't installed, meaning no information was returned, the Server blocks traffic to the corporate network.

InfoExpress CEO Stacey Lum says CyberGateKeeper is particularly useful in enforcing security policies for wireless users, as well as in protecting branch office connections. And Lum says that the product--which costs $6,500--can block access to the corporate network if an anti-virus program is out of date or if a personal firewall isn't installed.

Security vendors are starting to provide more sophisticated ways of managing security policies for remote users, which means your users won't be able to ignore those anti-virus update prompts anymore. And that means you're one step closer to an airtight corporate network.