An additional important component of the implementation of company wide security directives for mobile computing on hotspots is central management of client software. With central security management, the administrator also fundamentally determines the client’s firewall rules. It can enforce adherence in which the user allows no on-site possibility of an intended or unintended change. Additionally, further security-relevant parameters such as the status of virus protection programs, operating system patch status, and software release of the VPN client must be inspected upon connection to the company network. Access to the productive network is only authorized after the clearance of all security risks.
A prerequisite for secure remote access in WLANs is end-to-end security, with dynamic interlocking security technology. The use of a VPN client with an integrated, intelligent personal firewall and strong user authentication is state of the art in this scenario. The firewall rules must automatically adapt to registering onto and logging off of the hotspot, and they must be inspected within the framework of an integrated endpoint security system with each connection. Only in this way can administrators and users be consistently sure that they are securely sealing off terminal devices and data, and signing off the company network.