Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Westi on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Netscreen-Remote/firewall

Status
Not open for further replies.
dgh2000

dgh2000

MIS
Jan 2, 2002
51
US
Hello,

I have several laptops that use Netscreen-Remote to connect to Netscreen 100 for VPN. Laptops are starting to use hotel LAN and WIFI areas to connect. I am concerned since I currently don't have firewall protection on the laptops. What do you use or suggest to use for local laptop firewall to protect it (and thus my network). Laptops are running Win 2K and >7 NR but not all current version of NR

Dave
 
Sort by date Sort by votes
You have to be very careful with using firewall software with NS Remote. I and many others have noticed a severe problem between the virtual adapter provided by SafeNet and firewall software. When the firewall is enabled the virtual adapter will not load. I have experienced this with McAfee Personal Firewall and Win XP Pro's built in firewall. This is especially the case with the current version and earlier versions of NS Remote.

It appears you are in a pickel however, all is not lost. I would have the users disable NetBIOS over IP so that way their computer name cannot be resolved to an IP address - one of the first things a hacker checks on a network. In addition, disabling the messenger service might help as well. Also, you can configure the local policies on the laptop machine to disallow users to connect to the machine on the network remotely. Lastly, turn-off shares and disable WBEM services. A little complexity in passwords and shutting down common SNMP ports can help.

That is the best I can do for you. Most firewall software prevent access to certain services and ports. All configurable through their software. Anyway, good luck.


Paul
 
Upvote 0 Downvote
Thanks! It gives things for me to start with for sure.

Have you ever used the Netscreen Remote Security Client? Missed it on their website earlier- seems to have a client firewall from Sygate. They are of course recommending it for client firewall and capatibility with Netscreen-Remote. It looks like it is sold as a separate product but is basically the VPN Netscreen-Remote + client firewall.

Dave
 
Upvote 0 Downvote
Yeah, I've seen it but I didn't venture to buy it because we already had McAfee 6.0 with Firewall for all our machines. To acquire additional firewall protection would be hard to justify to my boss.

Well, good luck. You might think about purchasing a few copies of the VPN/Firewall NS Remote for the several mobile clients you do have. It my save you a lot of headaches and work. Good luck.

Paul
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

TheFireman2
  • Locked
  • Question
Help with Watchguard Firebox M200 setup as a TMG 2010 replacement with ASA 5515 as main firewall
Replies
1
Views
223
hairlessupportmonkey
hairlessupportmonkey
Tommy_T
  • Locked
  • Question
Sonic wall - Have an issue remotely connectioning VNC and SMB (and AFP) to one of the 2 ISP circuits
Replies
1
Views
578
nnaarrnn
nnaarrnn
hall5942
  • Locked
  • Question
open firewall port on 881
Replies
0
Views
145
hall5942
hall5942
hall5942
  • Locked
  • Question
open firewall port on 881
Replies
0
Views
140
hall5942
hall5942
MeesterDull
  • Locked
  • Question
Can't remote into my SonicWall
Replies
0
Views
107
MeesterDull
MeesterDull

Part and Inventory Search

Sponsor

Back
Top