
Enterprise customers are asking a lot of questions now about endpoint security. How can VPN offerin

Virtual private networks (VPNs) in enterprise settings protect the shop by launching endpoint security scans when a user tries to establish a tunnel, detecting potential threats and clearing temp files.

VPNs make it possible for remote sites and users to become an integral part of a private network, independent of location. But doing so adds risk. If a remote user's device happens to be infected with a virus, worm or trojan, those network-borne threats can ride the VPN tunnel right into the private network.

Most contemporary VPN concentrators incorporate features intended to mitigate these risks. For starters, many can run an endpoint security scan when the VPN tunnel is launched. If required endpoint security programs are running and up-to-date, the VPN tunnel is allowed. If not, the VPN tunnel is either denied or the user is routed to a quarantine server where they can obtain missing software or patches.

Next, during a VPN session, granular role-based policies can be used to limit what the user can do -- for example, giving someone on a home PC very narrow access to email and nothing else. In this way, an infected endpoint might not be able to penetrate the network, or to steal very much sensitive information.

Finally, after the session, most SSL VPN concentrators have the ability to clean up after themselves by removing temp files, wiping the browser cache, deleting cookies and closing the browser window. This isn't endpoint security per se, but it can help to avoid an accidental data breach when VPNs are accessed from public or multi-user endpoints.
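
The admission logic described above (a scan at tunnel launch, then role-based limits during the session) is sketched here as an added example; it is not from the original article or from any vendor's product. The policy values, device classes, resource names and `PostureReport` fields are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import date

# Hypothetical policy values; a real concentrator exposes its own settings.
MAX_SIGNATURE_AGE_DAYS = 7
ROLE_RESOURCES = {
    "managed": {"email", "intranet", "file-shares"},
    "home-pc": {"email"},  # narrow access, as in the home PC case above
}

@dataclass
class PostureReport:
    """What an assumed endpoint scan reports when the tunnel is launched."""
    device_class: str
    av_running: bool
    av_signature_date: date
    missing_patches: tuple = ()

def admit(report, today, quarantine_available=True):
    """Return (decision, allowed_resources, reasons) for a tunnel request."""
    reasons = []
    if not report.av_running:
        reasons.append("antivirus not running")
    age = (today - report.av_signature_date).days
    if age > MAX_SIGNATURE_AGE_DAYS:
        reasons.append(f"signatures {age} days old")
    if report.missing_patches:
        reasons.append("missing patches: " + ", ".join(report.missing_patches))
    if reasons:
        # Non-compliant endpoint: quarantine for remediation, otherwise deny.
        if quarantine_available:
            return "quarantine", {"remediation-server"}, reasons
        return "deny", set(), reasons
    # Compliant endpoint: allow, scoped by role; unknown classes get nothing.
    resources = ROLE_RESOURCES.get(report.device_class, set())
    if not resources:
        return "deny", set(), [f"no role for {report.device_class!r}"]
    return "allow", set(resources), []

def authorize(decision, resources, requested):
    """In-session check: default-deny anything outside the granted set."""
    return decision in ("allow", "quarantine") and requested in resources

if __name__ == "__main__":
    today = date(2024, 5, 20)  # constructed sample input
    home = PostureReport("home-pc", True, date(2024, 5, 18))
    print(admit(home, today))
```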
