Comment Probably the most fun (Score 1) 1016
Nothing a AR50 with
Comment Cisco CSA/Check Point Integrity (Score 1) 782
So we have about 3000 laptops in our organization. Mostly Win2K Pro, some XP pro. Users only have power user rights, and we're so far behind on patching it's not even funny (can you say SP2 with 1 or 2 hotfixes?). Their machines are so overrun with Spyware that some web apps won't even run.
Due to our desktop team's negligence in patching (even though we own Altiris), I've been taking a hard look at Cisco's Secure Agent... It's really robust, but it complains about ANYTHING trying to do ANYTHING (think Zonealarm from hell), the Altiris client apparently needs 'self modifying code' to run, KlipFolio tries to make a network connection and all sorts of alarms go off, and most spyware still ends up installing anyway. I've been spending some time with Cisco, and I'm sure I'll be spending more, but this looks like an uphill battle the entire way.
Another 'solution' I'm looking at is the Check Point Integrity VPN client (Check Point sucked up Zone Labs last year)... Instead of my clients using traditional VPN software, we'd look at deploying an SSL-type-VPN with Integrity. Basically, everytime you make a VPN connection back to our office, your machine gets scanned for spyware (this would hold true for Internet kiosks as well as their home PCs and even corporate PCs)... Depending on how infuckted you are, you can define different access levels (keylogger = no access, normal cookie crap and a couple Browser Helper Objects, you get access to webmail only. You're clean? Congrats, you get the Intranet and network drive shares). It sounds great and all, but I can't say I've had time to see if the rubber meets the road. Read for yourself, more info here and here.
This is definitely a very interesting 'ask slashdot', and I'll be keeping my eye on the ideas presented.
Due to our desktop team's negligence in patching (even though we own Altiris), I've been taking a hard look at Cisco's Secure Agent... It's really robust, but it complains about ANYTHING trying to do ANYTHING (think Zonealarm from hell), the Altiris client apparently needs 'self modifying code' to run, KlipFolio tries to make a network connection and all sorts of alarms go off, and most spyware still ends up installing anyway. I've been spending some time with Cisco, and I'm sure I'll be spending more, but this looks like an uphill battle the entire way.
Another 'solution' I'm looking at is the Check Point Integrity VPN client (Check Point sucked up Zone Labs last year)... Instead of my clients using traditional VPN software, we'd look at deploying an SSL-type-VPN with Integrity. Basically, everytime you make a VPN connection back to our office, your machine gets scanned for spyware (this would hold true for Internet kiosks as well as their home PCs and even corporate PCs)... Depending on how infuckted you are, you can define different access levels (keylogger = no access, normal cookie crap and a couple Browser Helper Objects, you get access to webmail only. You're clean? Congrats, you get the Intranet and network drive shares). It sounds great and all, but I can't say I've had time to see if the rubber meets the road. Read for yourself, more info here and here.
This is definitely a very interesting 'ask slashdot', and I'll be keeping my eye on the ideas presented.
Slashdot Top Deals
"Religion is something left over from the infancy of our intelligence, it will fade away as we adopt reason and science as our guidelines." -- Bertrand Russell
