Panda Software has made a beta release of software designed to screen VPN clients before allowing them access to closed networks.
The company's VPNSecure product is meant to solve the problems associated with insecure VPN clients introducing malware to closed networks as well as prevent split tunneling (define).
VPNSecure uses what Panda refers to as a "scan and block" approach to clearing clients for VPN access. The software checks clients to make sure they're up-to-date on antivirus software updates and that the client's firewall software is operating. Additionally, it scans the client's system memory for evidence of processes related to known worms, spyware or other malware and blocks them before allowing access to the VPN.
Panda says the software also protects against split tunneling, which allows clients to set up selective routing of network traffic over both VPN and non-VPN interfaces. Though the practice eases the burden on enterprise networks and removes the latency involved with connecting to the Internet through a VPN, it introduces security concerns. For instance, a malicious person could gain access to sensitive corporate data by compromising a client through the more vulnerable, non-VPN interface. Panda says it provides protection against the practice by disabling split tunneling before permitting a VPN connection.
The software is managed over a Web interface, and includes provisions for dealing with SSL-based VPN connections, such as those initiated from Internet kiosks and business centers by downloading a component that scans the client system and removes cookies, browser history, and temporary files once the VPN connection is terminated.
The beta release of VPNSecure is available from Panda's Web site. System requirements include a 2GHz or better x86 system with a gigabyte of RAM running Windows 2000 Professional or Windows 2003 Server; or a Linux-based server with the same hardware specs running Red Hat's Advanced Server 2.1.