what does this mean IT folks

we have a pretty lax it policy (i can view the interwebs relatively at will, excluding obvious no-no's like porn, etc)

will this limit me probably? clearly it will be more monitored im sure

Quote :

"To All Staff that use laptops: We will be making some changes to the way that you connect to the Internet with your laptop to better protect the laptops against viruses, Trojans and worms. Currently we have four layer of defense against threats on our network: 1. Spam Firewall (which filters nearly almost all spam e-mail and viruses sent to ) 2. SonicWALL firewall with anti-virus and spy ware protection (protects you when you’re surfing the web at the office) 3. Symantec on our Exchange Server (catches threats that the spam filter doesn’t pick up before it gets to your Inbox) 4. Symantec on the desktop or laptop (a last resort of defense if the threat makes it through the first three layers) Currently we have the systems setup to connect to any public wireless Internet connection or home connection without tunneling back to first. With this method in place, we are very vulnerable to threats because we are relying on the laptop for protection or your home Internet router for protection while completely bypassing three layers of our defense and only relying on Symantec on your laptop. This has proven to be very unsecure as we’ve had numerous instances where laptops have become infected when used outside of the office. Laptops are property of and our Internet browsing policies remain in effect even when you’re not at work but still using these devices. With the new configuration, we will be installing the VPN on the laptops and this connection must be active prior to launching Internet Explorer or any other browser. This will allow all of the Internet traffic to securely run through all four layers of defense once again via the VPN connection while preventing the machines from bypassing our firewall that we have in place to secure our network. The same filtering rules will then apply regardless of where your connecting, ensuring that your machine is just as secure away from the office as it is while you’re in the office. We hope to eliminate most, if not all downtime for our staff members by implementing this new policy due to machines becoming infected with threats of various nature. This should make your Internet browsing and using the PC more efficient over time. Thank you for your cooperation "

5/19/2009 2:35:31 PM

You should see no change in your surfing, unless your IT staff starts blocking IPs, or the sites that you go to are already dangerous and sonicwall flags them by default. However, based on how the email reads, your IT is just taking preventative measures to protect the network and has better things to do than monitor your traffic. Beware the IT guy with admin privs with no work to do and tons of people to be a dick too. I guess you could say it's awesome for your network, but the average user shouldn't see any change in their ability to surf, so it's really just more software to slow down your laptop, lol.

[Edited on May 19, 2009 at 3:45 PM. Reason : -]

5/19/2009 3:36:08 PM

this just means you have to go thru your work VPN when using your laptop out of the office.

thats the only change happening

this means your internet browsing outside of work will be slower, but no huge impact (as long as the vpn works)

5/19/2009 4:09:22 PM

they aren't going to be able to force you to open the vpn client - i wouldn't view this as a big deal at all

the only thing you'll perhaps notice is web browsing is slowed when the vpn is connected

if they do try to force you to open the vpn client there will surely be a workaround that tech talk can come up with

5/19/2009 4:59:52 PM

Quote :

"they aren't going to be able to force you to open the vpn client"

ding ding ding

5/19/2009 5:01:02 PM

I think CSA or CSSC or whatever they're calling the cisco security client these days can force this type of policy, as can competing products, but there's always a way around it or to disable it.

5/20/2009 9:07:53 AM

no visible change to you, other than maybe some slowness in browsing at home. As they say its a security measure, which is very good.

5/20/2009 10:27:50 AM

it could in fact be very bad. who knows what whether the vpn will be forced and more importantly what the upload bandwidth at work, looks like. at peak hours it could be abysmal.

could

5/20/2009 6:49:24 PM

We use the Cisco VPN client and while it's simple to make it launch before you log onto the machine, it's not trivial to prevent me from just turning it off.

Even if they were to use the built-in VPN within Windows XP, it's a simple matter of disabling it. If you don't have administrative access on the laptop they've given you, then you don't want to be using that for anything except connecting into the VPN for work anyway. Use your own hardware to surf porn.

5/21/2009 8:50:18 AM