Results 1 to 4 of 4

Thread: Client inspection and isolation tool in Windows Server 2003

  1. #1
    AO French Antique News Whore
    Join Date
    Aug 2001

    Client inspection and isolation tool in Windows Server 2003

    Lees also gave the first public demonstrations of several new security technologies, most notably a new "client inspection and isolation" tool, planned for the next major update of Windows Server 2003.

    The tool automatically inspects PCs trying to connect to a corporate network--including those using the often troublesome virtual private network technology for remote connections--to ensure that the machine is properly configured for basic security. If the PC is found lacking a security feature--for example, if the firewall is switched off or if the antivirus software is out-of-date--the server can remotely update it before allowing the PC to connect to the network.

    "It really helps you secure the perimeter," Lees said. "You get to frisk the client, make sure it's clean...before you let it into your network."
    Source :

    I went to a security conference host by Microsoft yesterday and I ear about this technology. If your DHCP server is running Windows 2003, the server will run a software like MSBA on the computer for basic security. Look promissing.
    -Simon \"SDK\"

  2. #2
    This is a nice idea and all, and if I could ever get my SMS to behave like it ought to I might be more inclined to like my server automating security updates. But I just can't help but think, can't Microsoft let DHCP well enough alone? I mean, they fuggered with DNS enough so I can't discuss it with *nix folks anymore without getting confused.

    I guess there willl always be the Microsoft way versus the way the rest of the Internet works.

  3. #3
    Senior Member
    Join Date
    Apr 2004
    Some vpn software can do this right now.
    For example,
    When you connect on VPN, vpn client will inspect ur computer based on some rules, like
    "if no AV active, user can only go to restricted places at corporate network"
    "if kazaa is installed, connection is refused even user was well identified"
    But at corporate network maybe good, maybe not
    You can do this right now just deploying policies that enforce policies to everybody
    Meu sítio

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.

  4. #4
    <ears perked>

    What VPN software are you referring to? I'm getting kind of sick of my VPN being really expensive and very dull.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts