is the clientless ssl vpn more resistant to worms/viruses?

jrs91jrs91 Member Posts: 64 ■■□□□□□□□□
I have some people that want/need vpn access, but I don't really trust them to keep their home computers clean. I just configured clientless access so that I could access things from my windows 7 home computer, but I haven't done much reading on it yet. Since I'm not directly connected in the same way I would be with an ipsec vpn, I have a feeling it may be better from the worm perspective. I'm by no means an expert on VPN architecture or ASAs yet, however.


  • AhriakinAhriakin SupremeNetworkOverlord Member Posts: 1,800 ■■■■■■■■□□
    If you're only mapping specific ports then you reduce your exposure but I don't doubt there are malware authors out there who are working on it, shoudn't be too hard to locate SSL streams and probe loopbacks for connection details and then tunnel your traffic through it - you couldn't attack a non listed port but possibly attack the end server in other ways.
    In short I'd say yeah it's a bit more secure, but it's all relative.
    Cisco Secure Desktop?
    We responded to the Year 2000 issue with "Y2K" solutions...isn't this the kind of thinking that got us into trouble in the first place?
  • shednikshednik Member Posts: 2,005
    My suggestions are to enable Secure Desktop and if you don't purchase an advanced endpoint inspection license atleast configure the one it comes with to look for keyloggers. Thats what we are getting ready to implement.
Sign In or Register to comment.