Yes we severely restrict what they can do on the remote network. No kids. No saved paswords. Firewalls on. Updates on. We select what AV and when it updates. We select the anti spy ware. We selct the ISP. We remove napster like software, messenger etc. We also educate them why we do this and what could happen to their business network if something goes wrong. We select the hardware, Pc's switches AP the lot. Starting to use Cisco AP's to ensure secure wireless inside the home. This also means the ISP can remotely monitor the AP if needed. Preferably they have snapgears at home as well as the office. Really only works when the client agrees that we also manage their soho network.
Starting to think we need to run separate networks in the soho enviornment so that the kids computers are completely isolated from the parents pc's. Has anyone implemented that with a snapgear ? Security ploicies are great but how many people read them, very few. Telling them some of the bad things that can happen generally ensures they want to comply. Andrew.C -----Original Message----- From: Ian Cheong [mailto:[EMAIL PROTECTED] Sent: Thursday, 8 March 2007 10:06 PM To: [EMAIL PROTECTED]; General Practice Computing Group Talk Subject: RE: [GPCG_TALK] Internet redundancy At 7:59 am +1000 8/3/07, Andrew wrote: >Hi Pete, >What wrong with pptp vpn-ing to a snapgear and then rdp-ing into the >server or PC ? >The pptp is only up for when it is getting used. The rdp is only used >inside the vpn. > >Andrew.C No problem if you have control of the security of the remote network. Try writing and implementing a security policy that ensures this risk is managed and then tell us how easy it was. Ian. > -- Dr Ian R Cheong, BMedSc, FRACGP, GradDipCompSc, MBA(Exec) Health Informatics Consultant, Brisbane, Australia Internet: [EMAIL PROTECTED] (for urgent matters, please send a copy to my practice email as well: [EMAIL PROTECTED]) PRIVACY NOTE I am happy for others to forward on email sent by me to public email lists. Please ask my permission first if you wish to forward private email to other parties. _______________________________________________ Gpcg_talk mailing list [email protected] http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk
