![]() Sophos ssl client download. Sophos VPN Clients. Sophos VPN ClientsSophos VPN Clients Securely connects mobile users to your headquarters One-click VPN: Simply install individual VPN packages with a click of the mouse from the Sophos UTM UserPortal. Automatic installation: The complete client installation is done within minutesno configuration required by the user. Universal access: Universally deploy Sophos VPN clients anytime, anywhere, securing access to corporate networks. Broad OS support: Major client operating systems are supported including Linux, OS X and Windows 7 and 8both 32- and 64-bit versions. Strong encryption: Supports state-of-the-art algorithms like AES256 and SHA-512 and ensures compatibility and data privacy across unsecured networks. I have a Sophos SG310 UTM. We are currently using the SSL VPN client, which can be downloaded from the user portal onto any computer. My manager doesn't like the fact that someone can install the VPN client on their personal computer, which might have some kind of malware because it isn't patched or doesn't have security software running on it. Once they connect to the VPN, that malware has complete access to our internal network and can infect it. To lock this down, I plan to replace the SSL VPN client with two other options: • For personal computers: VPN access that would only allow RDP, so users without a company laptop can still remote into their work computer without exposing everything. I am using the Sophos UTM's HTML5 VPN Portal for this. • For company computers: A VPN client that can only be installed on pre-authorized or domain computers, to ensure only company laptops can use this client and have full access to the network from outside. Some kind of pre-installed certificate would also work. I've been unable to find a Sophos option for this. Can anyone advise if there's a VPN option supported by Sophos (preferably one we can manage from the Sophos itself, like the HTML5 portal and SSL client) that would accomplish this? Thanks in advance, Dave. Thanks for all the great suggestions everyone. I liked Brad's idea, the only issue is that since everyone gets their own certificate in the configuration to connect, it's going to be a pain in the ass to deploy. It's not the kind of thing you can easily package and send out. And if something has to change in the config, it will be a pain in the ass all over again. Is there another VPN option that doesn't have to be completely customized for each user (they would still have to enter their username & pass when logging and can be deployed easily to several machines at a time? I realize the customized configs and certs are inherently more secure, but I'm afraid I'll have to trade security for convenience in this case. @jdomino: I've integrated AD with Sophos also. The issue is that I'm not trying to restrict users, I'm trying to restrict what machines the authorized users can install the clients on. The authorized users are installing the client on home computers using their AD credentials to log into the portal and download the client at home.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
March 2019
Categories |