نمایش نتایج: از شماره 1 تا 4 از مجموع 4

موضوع: Quarantined VPN Clients

  
  1. #1


    عضو غیر فعال شناسه تصویری haj mohsen
    تاریخ عضویت
    Dec 2005
    محل سکونت
    Esfahan
    نوشته
    69
    سپاسگزاری شده
    4
    سپاسگزاری کرده
    4

    Icon14 Quarantined VPN Clients

    Quarantined VPN Clients
    كسي در اين مورد چيزي مي دونه؟
    اگه يه توضيح كلي در مورد VPN توي ISA هم بدين ممنون ميشم.



    موضوعات مشابه:

  2. #2
    نام حقيقي: Alireza Khosravi

    عضو عادی شناسه تصویری irarkh
    تاریخ عضویت
    Jun 2005
    محل سکونت
    Tehran
    نوشته
    753
    سپاسگزاری شده
    79
    سپاسگزاری کرده
    21
    Quarantine Control overview


    Quarantine Control provides phased network access for remote clients, also known as virtual private network (VPN) clients, by restricting them to a quarantine mode before allowing them access to the network. After the client computer configuration is either brought into or determined to be in accordance with your organization's specific quarantine restrictions, standard VPN policy is applied to the connection, in accordance with the type of quarantine you specify. Quarantine restrictions might specify, for example, that specific antivirus software is installed and enabled while connected to your network. Although Quarantine Control does not protect against attackers, computer configurations for authorized users can be verified and, if necessary, corrected before they can access the network. A timer setting is also available, which you can use to specify an interval at which the connection is dropped, if the client fails to meet configuration requirements.

    With ISA Server, you can select how to enable quarantine mode:
    • Enable quarantine mode, using RADIUS server policies. This option is available only when ISA Server is installed on a computer running a member of the Microsoft® Windows Server™ 2003 family. When you select the Quarantine according to RADIUS Server policies option, when a VPN client attempts to connect, ISA Server determines whether the client will be subject to quarantine. After the client clears quarantine, the client unconditionally joins the VPN Clients network.
    • Enable quarantine mode, using ISA Server. This option provides use of the Quarantined VPN Clients network, for which you can set firewall policy. This option does not require Routing and Remote Access functionality, and therefore is available when ISA Server is installed on a computer running Windows® 2000 Server.
    You can also choose to disable quarantine mode.
    Quarantine Control is an option available to you as a means of controlling the compliance of VPN clients with your corporate security requirements. Note that when quarantine mode is disabled, all remote VPN clients with appropriate authentication permissions are placed in the VPN Clients network, and will have the access you have allowed the VPN Clients network in your firewall policy.

    Quarantine Control for ISA Server works with Routing and Remote Access to provide a means of restricting VPN client access to corporate networks. With ISA Server, you can require that a newly connected VPN client is assigned to the Quarantined VPN Clients network, with a restrictive firewall policy, until the client's Connection Manager indicates that the client is in compliance with corporate connection policy.

    Quarantine Control relies on the Connection Manager (CM) profile you create for your VPN clients. CM profiles are created with the Connection Manager Administration Kit (CMAK) provided in Windows Server 2003 and Windows 2000 Server. The CM profile contains:
    • A post-connect action that runs a network policy requirements script, configured when the CM profile is created with CMAK.
    • A network policy requirements script that performs validation checks on the remote access client computer to verify that it conforms to network policies. This can be a custom executable file or a simple command file (also known as a batch file). When the script has run successfully and the connecting computer has satisfied all of the network policy requirements (as verified by the script), the script runs a notifier component (an executable) with the appropriate parameters. If the script does not run successfully, it should direct the remote access user to a quarantine resource such as an internal Web page, which describes how to install the components that are required for network policy compliance.
    • A notifier component that sends a message indicating a successful execution of the script to the quarantine-compatible ISA Server computer. You can use your own notifier component or you can use Rqc.exe, which is a sample provided with the Windows Server 2003 Resource Kit. With these components installed, the remote access client computer uses the CM profile to perform network policy requirements tests and indicate its success to the ISA Server computer as part of the connection setup.
    Note
    • For VPN connections to be established using ISA Server policies, you must disable the quarantine feature in the remote access policies (RAP) that could be stored in a Remote Authentication Dial-In User Service (RADIUS) server or a Windows authentication provider. Do the following:
      1. Open Computer Management and expand the Routing and Remote Access node.
      2. Select Remote Access Policies.
      3. In the details pane, double-click each policy to open its properties, and click Edit Profile.
      4. On the Advanced tab, remove MS-Quarantine-IPFilter and MS-Quarantine-Session-Timeout from the attributes list.









  3. #3


    عضو غیر فعال شناسه تصویری haj mohsen
    تاریخ عضویت
    Dec 2005
    محل سکونت
    Esfahan
    نوشته
    69
    سپاسگزاری شده
    4
    سپاسگزاری کرده
    4
    مرسي

    اما فكر ميكنم ااين help آيزا ست نه؟
    من دنبال يه راهنمايي كلي (البته فارسي باشه بهتره) هستم .



  4. #4
    نام حقيقي: Alireza Khosravi

    عضو عادی شناسه تصویری irarkh
    تاریخ عضویت
    Jun 2005
    محل سکونت
    Tehran
    نوشته
    753
    سپاسگزاری شده
    79
    سپاسگزاری کرده
    21
    عجب ! هلو برو تو گلو ؟ Source هاي ديگه هم هست ولي متاسفانه بنا به انگليسي بودن فكر نمي كنم به كارتون بياد .توضيح بالا كاملا واضح و مشخصه سوال ديگه اي داشتيد بپرسيد تا دوستان كمكتون كنند.



کلمات کلیدی در جستجوها:

quarantined vpn client

توضیح درباره VPN quarantine

توضیح درباره در ISA SERVER VPN quarantine

برچسب برای این موضوع

مجوز های ارسال و ویرایش

  • شما نمی توانید موضوع جدید ارسال کنید
  • شما نمی توانید به پست ها پاسخ دهید
  • شما نمی توانید فایل پیوست ضمیمه کنید
  • شما نمی توانید پست های خود را ویرایش کنید
  •