Cisco ASA 5510 require IPSEC clients to have XP firewall turned on
Posted on 2009-02-12
Due to "PCI" requirements, we are required to check whether clients have a firewall installed/enabled and if not force them to install or turn it on. Some employees use their personal home PC's to VPN to our network. For our employees we would like to make certain that the machines they are using to VPN in with have the Windows XP firewall turned on.
I know that with the Cisco ASA device we can force the specific Group Policy to check for a specific type of firewall installed on the client. I also know that the XP firewall doesn't always play nicely with the Cisco VPN, we will deal with that ourselves.
There are several firewalls selectable from the "Firewall Type" section when enabling the firewall requirement on the GP on the ASA, XP firewall is not one of them and at the moment we are not prepared to support any other third party firewalls, even if they are free. So we would like to select "custom firewall" and add the XP firewall as the firewall type. In order to do so, you have to select the "Vendor ID" and "Product ID" which I have bene unable to find after several days of searching. Does anyone now the Vendor and Product ID's for the XP firewall and has anyone gotten this to work?
Any help is greatly appreciated.