VPN-Q 2008 helps secure your VPN connections by checking the health state of remote endpoint machines while they are isolated in a VPN quarantine network. Threats from viruses, worms, hackers and malicious users are everywhere! By ensuring that remote PC’s connecting to your network have up-to-date anti virus software, a personal firewall enabled and patches installed, to name a few features, these threats can be significantly reduced.
VPN-Q 2008 introduces a new member to the lineup – the Express Edition! Unlike VPN-Q 2006, there will no longer be a Free or Standard Edition. Customer feedback told us that the Standard Edition feature set did not suit requirements well enough and a mix of the Free Edition and Standard Edition would be ideal – hence Express Edition. VPN-Q 2008 is expected to release Q3 2008.
VPN-Q 2008 has a new quarantine service and no longer relies on the Microsoft RQS service. The new service allows for many new features which were not previously possible. Because the services are totally separate, migration from 2006 to 2008 is made easy as they can both co-exist on the same ISA server giving you chance to gradually upgrade your VPN-Q clients.
The licence file is no longer included in the client setup package, which makes it easier to change licence files and also helps to prevent licence file theft. To reduce activation connectivity issues, the new quarantine service will process activation requests with our activation server so that the VPN clients no longer need to do this directly. The new quarantine service also acts a policy server, the new VPN-Q client receives its policy directly from the ISA server and does not require AD group policy. This means that unmanaged & non-domain joined PC’s must also now conform to your VPN security policy. You can still make use of AD group policy if you wish, but any setting explicitly set on the VPN server will take priority.
AD computer groups can also be used to restrict which PC’s are allowed to be used for VPN access – not just users. Simply create an AD group containing computer accounts and tell VPN-Q which group to use. If a VPN connection is not made from a PC in that group they will not be able to clear quarantine regardless of their health state. Manual computer objects can also be created in AD for non-domain joined PC’s by specifying the PC’s hardware GUID.
Some new features include:
- AD Computer group membership
- Customer security checks via signed script (not yet included in beta 1)
- Built on MS .NET 2.0 managed code
- Multiple VPN endpoints from a single dialer
- Native Smart Card, RSA SecurID, Aladdin authentication
- Custom VPN client branding
- Flexible VPN client configuration and customization
- Easier licensing implementation and models
- Fast client side checking
- Policy enforcement on non-domain joined VPN clients
- Central Management of policy via AD or ISA Server
- Run custom action scripts before and after quarantine release
For more information and download, check out: http://www.winfrasoft.com/vpnq2008beta.htm
Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer
Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING documentation | integration | virtualization
Email: [email protected]
MVP — Forefront Edge Security (ISA/TMG/IAG)