Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 40 subscribers
  • Views 1004 views
  • Users 0 members are here
Options
Suggested

Blocking devices from accessing network without vpn

Reem Jalal Eddine

hi,

we had an incident where when of our devices had an attempt of access but with failure due to wrong password trials. I an suspecting that this device was on an unknown network outside our organization due to work from home policy we have. Is there any way we can block people from accessing the network other than our domain network unless they vpn? or any other better ideas? 

Thanks 



Edited TAGs
[edited by: Erick Jan at 1:43 AM (GMT -7) on 16 Oct 2024]
Parents Reply
  • 0 in reply to Wayne Folta

    What i meant is that some users take work devices outside the organization and connect to other networks, if they need to access the org resources they have to vpn, but my concern is on the data which is already on the laptop or if any kind of threat that can be transmitted after they connect to our network when they are back to office. The last attack attempt happened when the user was connected from their home network. Hope i explained the situation properly. 

Children
  • +1 in reply to Reem Jalal Eddine

    Hello  ,

    As they need to connect to the VPN to access the resources of your local network. It is advisable to have endpoints installed to secure transmission. 

    We can control incoming connection for the VPN establishment by allowing specific network range in Local ACL. However, as the end user IP changes they are likely to be updated in the firewall else they will not be able to connect VPN.

    Mayur Makvana
    Technical Account Manager | Global Customer Experience
    Sophos Support Videos | Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to Reem Jalal Eddine

    These devices are owned by the company, correct? If so, you should look at things like Sophos' Intercept X endpoint software, which allow you to control user actions on the device and can scan for viruses, etc. You would need to make sure that the user does NOT have admin access: you control the admin login and the user gets a non-admin login. They may not like it, but that's too bad -- it's your device, not theirs. If the devices are their own, that's another matter., of course.

    You manage Intercept X via Sophos Central (cloud). You can restrict things like usage of USB devices, what software can run, what websites can be accessed, etc, and can see activity reports.

    I think you can use Intercept X to only allow connections to your domain (and anything that's needed to set up a VPN connection like Cloudflare DNS servers, etc).

Unfiltered HTML