Which VPN?

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I am thinking about setting up a WIN 2K3 VPN on our network, b/c I understand
that WIN 2K3 has built-in functionality to verify windows service packs,
updates, hot fixes and virus definitions. Is this correct? Also, are there
any other VPN products that perform the sam efunctionality?

Thanks in advance.
 
razornt said:
I am thinking about setting up a WIN 2K3 VPN on our network, b/c I understand
that WIN 2K3 has built-in functionality to verify windows service packs,
updates, hot fixes and virus definitions. Is this correct?
Click to expand...

Mostly bu tit has nothing to do with Windows VPN capability.
Also, are there
any other VPN products that perform the sam efunctionality?
Click to expand...

You are confusing VPNs with security and update products.

Microsoft is just beginner to offer malware protection
(in Beta) so virus definitions and such are not part of their
product (yet.)

For the others there are basically three (major) approaches:

1) SUS server (Software Updates Services)
Runs on a internal IIS server and bascially transfers
the built-in Automatic Updates capability to your
internal Servers. (You need to do some setup of the
server AND tell the clients to use the internal
server which is usually done through a GPO.
(download from MS -- works for 2000+ clients)

2) MS Baseline Security Analyzer -- download from
MS, but it only REPORTS problems unlike #1 above.
It can however check stations across your network
for correct updates and correct configuration.

3) Group Policy software updates and other settings
Does NOT automatically check for random updates
(you must define what to update) but allows you to
install (most anything in theory) your chosen updates,
even for third part products if they are properly
designed.

#1 is automatic, but restricted to MS updates. #2 is also
MS only and updates nothing, but allows you to check
many machine, #3 allows you to specific most anything
and is needed to assist #1 for client settings but offers
no automatic detection of missing (random) updates.

Then there is SMS and ....
 
Sorry Herb I wasn't clear. I was under the impression that when a VPN client
attempted to access a WIN 2K3 VPN server the server would valid whether or
not the client had all of the necessary updates before access the LAN. The
blaster worm hit some orgs, b/c their employee's had systems that weren't
up-to-date and when they connected to the network ugly things happened. i
hope this clear up my questions.

Thanks again.
 
razornt said:
Sorry Herb I wasn't clear. I was under the impression that when a VPN client
attempted to access a WIN 2K3 VPN server the server would valid whether or
not the client had all of the necessary updates before access the LAN. The
blaster worm hit some orgs, b/c their employee's had systems that weren't
up-to-date and when they connected to the network ugly things happened. i
hope this clear up my questions.
Click to expand...


http://www.microsoft.com/windowsserver2003/techinfo/overview/quarantine.mspx

I think you were clear enough if I hadn't been so ignorant
of this feature -- although it doesn't really update the client
from what I can see it does allow for running scripts and
thus validating (or perhaps even doing the update...?)

I learn by answering here, but I am not usually so far off.
Thanks.

Herb
 
Back
Top