Tech Help

[HuskyCaucasian]

While I myself am a tech guy. I have little experience with VPNs and I need some feedback.

 

My wife recently got a promotion and as part of that, she has the ability to work from home when needed (sick daughter, snow day, etc...). As part of their solution, they offer a VPN login to their network with a remote desktop app so she can access her work computer form home. Today, she got this message:

As I am sure you are aware, we don’t officially support Apple Operating Systems as we don’t supply them to our employees to be used, but we have always been more than happy to try to accommodate someone when they have a personal laptop. We are required by PCI policies to force a firewall to be enabled whenever anyone connects to our network using a VPN. The policy was enabled today on the VPN, and was the reason you were unable to connect.

 

I temporarily disabled it in an effort to understand your connection issues, and it turns out it is due to the new firewall policy we implemented today.

 

Unfortunately, I am going to have to re-enable the policy per PCI and my boss and you will not be able to connect using your MAC. Please use the supplied (windows) laptop to connect to the VPN and work from home.

 

We will be looking into a work around for MAC”s, I cannot say we will find one, and I am not sure how soon we can get to it as it is not a priority. If we do find a fix we will let you know.

 

It was always my understanding that a VPN is a VPN. A firewall shouldn't be discriminating the operating system. Am I wrong?

[kapkomet]

No, your premise is not right. These VPN's work directly with the OS.

 

[Y2HH]

Sounds like your wife works for an insurance company.

 

Often they have "packages" that work together with other software to verify you are secure, not only via encryption, but secure from viruses, malware, etc. The process is probably something simple which verifies certain services are running on your PC upon connection and if they aren't, it terminates the VPN session. With VPN packages like this (proprietary) there may not be much you can do.

[southsideirish71]

Sounds like your wife works for an insurance company.

 

Often they have "packages" that work together with other software to verify you are secure, not only via encryption, but secure from viruses, malware, etc. The process is probably something simple which verifies certain services are running on your PC upon connection and if they aren't, it terminates the VPN session. With VPN packages like this (proprietary) there may not be much you can do.

 

Exactly. They are probably running some sort of admission control program that does a few checks. This is not a technology issue of the Mac firewall versus another. Its a policy decision by the business to provide an audit trail for PCI compliance. They have to have the ability to prove that they have provided adequate security measures or get decked with fines. Their package is probably certified to run on X products, and X builds of software.

 

 

 

[HuskyCaucasian]

Exactly. They are probably running some sort of admission control program that does a few checks. This is not a technology issue of the Mac firewall versus another. Its a policy decision by the business to provide an audit trail for PCI compliance. They have to have the ability to prove that they have provided adequate security measures or get decked with fines. Their package is probably certified to run on X products, and X builds of software.

thanks for the feed back. i sent the e-mail to one of the tech volunteers I work with and he said pretty much the same thing. It's a security policy thing, rather than a VPN thing... the e-mail is a bit misleading in that way. It's all starting to make sense now. I also had never heard of "PCI policies" before. so, this was a new one for me.

Edited March 9, 2009 by Athomeboy_2000

[HuskyCaucasian]

Thumbs up to all my fellow tech geeks. thanks for the help.