Is virus/ransomware transmittal possible via Mobile VPN?
When a remote user connects via either Mobile SSLVPN or Mobile IKEv2 VPN, is it possible for a virus, ransomware or other malware to traverse the VPN and infect the corporate network?
I have clients wanting to work from home and I can use VPN or I can use RDP with a firewall login required first to keep just anyone from seeing RDP ports.
What I am asking about is, once a connection is made via secured RDP or via VPN, wouldn't the VPN then be less secure because virus/malware/ransomware can go from the VPN-connected remote computer right onto the corporate network?
Gregg
Gregg Hill
0
Sign In to comment.
Comments
I would expect that it is possible.
Thus using the default auto-created Any packet filter to allow this access would not be desirable
I'll have to dig in to see if I can find a way to filter VPN traffic. Or just allow VPN to certain port numbers, then I can have users use RDP over the VPN, but not have something crawl up the pipe to the corporate network. I hope.
Gregg Hill
Disable the Allow SSLVPN-Users policy and add specific policies From: SSLVPN-Users that allow your VPN users to do what they need.
Proxies can help protect your corp. network.
Note the very recent SMB bug that MS just patched - so consider not allowing SMB.
https://secplicity.us13.list-manage.com/track/click?u=1bcb692e17a1463ca874e0ce2&id=bd976d87a6&e=cae878f58b