What sort of safeguards can be implemented to protect from virus
infections/trojans/etc on clients using vpn. We have clients that
only
use VPN to access our AS400, can we only allow them to use specific
ports for VPN? I know we can 'require' them to have anti-virus and
firewall etc, but we can't easily enforce that requirement.

We have av software on the servers and all our internal machines
that
is updated weekly (mcafee ePO)

Thanks,
Mike