Home page logo

basics logo Security Basics mailing list archives

RE: Sharing internet through Citrix (or better solution) in isolated network?
From: "TVB NOC" <tvbnoc () temeculavalleybank com>
Date: Mon, 5 Nov 2007 08:52:35 -0800

I was in an environment where all services ran under Citrix PS4
including Internet. From a security standpoint it made things easier, we
only had to deal with isolating a single subnet for Internet access...
Proxy configurations, Firewall configurations, majority of changes
surrounding security became simpler to deal with...

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Hamid . K
Sent: Monday, November 05, 2007 6:41 AM
To: security-basics () securityfocus com
Subject: Sharing internet through Citrix (or better solution) in
isolated network?

Hi list ,

I`m preparing solution for providing internet-access to internal
users . What I`m looking for is a solution that completely isolate
internet usage and internal systems.

I`m thinking about publishing internet through Citrix based solution,
and keep everything restricted on citrix server/sessions.
But I though there must be better solutions ,as using Citrix p.server
for such case have it`s own security risks , some of them hard to
skip ! 

The good point about terminal based solution IMO is keeping user
workstation clean and (almost) isolated, as it will act like a sandbox
for running browser . 
Any comments?

As always , open-source solutions (if any) are more welcome :)

I`l like to hear your personal experiences both as user & administrator
of such service.


Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]