mailing list archives
RE: Sharing internet through Citrix (or better solution) in isolated network?
From: "TVB NOC" <tvbnoc () temeculavalleybank com>
Date: Mon, 5 Nov 2007 08:52:35 -0800
I was in an environment where all services ran under Citrix PS4
including Internet. From a security standpoint it made things easier, we
only had to deal with isolating a single subnet for Internet access...
Proxy configurations, Firewall configurations, majority of changes
surrounding security became simpler to deal with...
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Hamid . K
Sent: Monday, November 05, 2007 6:41 AM
To: security-basics () securityfocus com
Subject: Sharing internet through Citrix (or better solution) in
Hi list ,
I`m preparing solution for providing internet-access to internal
users . What I`m looking for is a solution that completely isolate
internet usage and internal systems.
I`m thinking about publishing internet through Citrix based solution,
and keep everything restricted on citrix server/sessions.
But I though there must be better solutions ,as using Citrix p.server
for such case have it`s own security risks , some of them hard to
The good point about terminal based solution IMO is keeping user
workstation clean and (almost) isolated, as it will act like a sandbox
for running browser .
As always , open-source solutions (if any) are more welcome :)
I`l like to hear your personal experiences both as user & administrator
of such service.
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around