DPI-SSL vs SSL VPN's
Hey guys,
Are DPI-SSL VPN's all the craze they are being said to be or does a traditional SSL VPN over a next-generation IPD/IDS firewall an acceptable practice.
Like If I were to implement a NAC remediation/quarantine solution with a separate vlan to a WSUS server for Windows updates and and a AV update server for AV definitions for the remote domain-connected PC would these even be needed if DPI-SSL VPN's were implemented, at-least from the perspective of AV?
On this same topic, does anyone know how to make traffic get filtered on a flag that if a remote user's PC is missing a windows update that it can be sent to a remediation server. I mean the only thing I can think of doing it making all VPN connection to connect to a quarantine network regardless if their safe or not, get scanned or checked, and then pushed on their way to the destination they require like say a file server for say AutoCAD drawings as a common example.
Deep Packet Inspection is new to me, so I'm curious if it alters previous status quo's of a SSL VPN logic and if it allows you to do less NAC processes.
I'm always thinking about how to make a network/system more secure so the thought of checks and balances on remote sessions into corporate assets for the sake of making sure all connections over external connections are indeed, secure, basically in all aspects of the word.
Are DPI-SSL VPN's all the craze they are being said to be or does a traditional SSL VPN over a next-generation IPD/IDS firewall an acceptable practice.
Like If I were to implement a NAC remediation/quarantine solution with a separate vlan to a WSUS server for Windows updates and and a AV update server for AV definitions for the remote domain-connected PC would these even be needed if DPI-SSL VPN's were implemented, at-least from the perspective of AV?
On this same topic, does anyone know how to make traffic get filtered on a flag that if a remote user's PC is missing a windows update that it can be sent to a remediation server. I mean the only thing I can think of doing it making all VPN connection to connect to a quarantine network regardless if their safe or not, get scanned or checked, and then pushed on their way to the destination they require like say a file server for say AutoCAD drawings as a common example.
Deep Packet Inspection is new to me, so I'm curious if it alters previous status quo's of a SSL VPN logic and if it allows you to do less NAC processes.
I'm always thinking about how to make a network/system more secure so the thought of checks and balances on remote sessions into corporate assets for the sake of making sure all connections over external connections are indeed, secure, basically in all aspects of the word.