What is a Quarantine Network?
A quarantine network is a type of network that ensures safety by verifying the security of connected devices and allowing only safe devices to connect. For example, it may check if connected PCs are infected with viruses and deny access to the network if a virus is detected. This functionality prevents malware infections within the network by isolating compromised devices.
Quarantine networks typically operate using the following three steps:
Step 1: Inspection
The connected device is temporarily placed in a dedicated inspection network segment, where it is checked for virus infections, antivirus software version, OS patch application status, and other security conditions.
Step 2: Connection/Isolation
Devices that pass the inspection without issues are connected to the main internal network. Devices with detected issues remain isolated within the inspection network.
Step 3: Remediation
For isolated devices, a dedicated remediation server administers fixes, such as updating antivirus software or applying OS patches. After remediation, the device is inspected again by returning to Step 1.
When implementing a quarantine network for remote access endpoints, deploying F5 BIG-IP Access Policy Manager (APM) can be highly effective. APM includes functionality to check endpoint security requirements before granting access.