I've seen it done, successfully, in an extremely large enterprise. I don't know how it was done exactly (never got the opportunity to ask), but i thought it was a neat idea.
-- Sent from my iPad On Oct 7, 2010, at 8:32 PM, Peter Evans <[email protected]> wrote: > On Thu, Oct 07, 2010 at 04:32:41PM -0800, Rob, grandpa of Ryan, Trevor, Devon > & Hannah wrote: >> http://bit.ly/cD4bXo > > sends you to here: > > > http://blogs.technet.com/b/microsoft_on_the_issues/archive/2010/10/05/the-need-for-global-collective-defense-on-the-internet.aspx > >> Having been around this field for a while, I can pretty much guarantee that >> this is >> easier to pontificate about than to do. > > > M$ had this working in 2005 with the corpulent intranet. > > Once I connected (with a smart card no less) to the vpn gateway, it > would give me a quarantine IP until it was happy that my PC was up to > the corpulent rules, ie, > > CA ETrust Antivirus was up to date. > All current patches and stuff applied. > (No badness found?) > > Once it did this, which might take a minute, more if it deems you need > stuff, which it automatically applies, it then gave you an IP address > that you could use and you were on your way. > > One of the nice features of this was that you could just start your > VPN with a fresh install and let it take care of making it M$ approved, > completely paws off. > > > P > > _______________________________________________ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
