I would be interested in hearing the experiences with "context aware" policies (called "adaptive" by some vendors). The thought is implement a minimal policy for "off-site" (perhaps only allowing VPN access back to corporate and a few company-sanctioned web services) and a more open one for the corporate LAN (implementing a default allow specifically blocking known malware).

Thoughts?

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/infocus/1867/620#620