Home page logo

basics logo Security Basics mailing list archives

Re: Sharing internet through Citrix (or better solution) in isolated network?
From: infolookup () gmail com
Date: Tue, 6 Nov 2007 02:57:03 +0000

I would agree with this, we have some terminals at my job that are only use for internet access, but like you mentioned 
if you are using p.server, make sure you are using a trusted proxy server, for internet filtering, and malicious code 
scanning, don't want to get your servers infected now.
Sent via BlackBerry from T-Mobile

-----Original Message-----
From: "Ali, Saqib" <docbook.xml () gmail com>

Date: Mon, 5 Nov 2007 09:21:03 
To:"Hamid . K" <elite_netbios () yahoo com>
Cc:security-basics () securityfocus com
Subject: Re: Sharing internet through Citrix (or better solution) in isolated network?

The best way I have found so far:

Publish IE/Firefox on Citrix, and use "Anoymous Citrix users
accounts". Clean Anonymous user space after logoff.

This works very well, if you don't need to track your internal user's
activity on the internet i.e. you trust your internal users.


On Nov 5, 2007 6:41 AM, Hamid . K <elite_netbios () yahoo com> wrote:
Hi list ,

I`m preparing solution for providing internet-access to internal
users . What I`m looking for is a solution that completely isolate
internet usage and internal systems.

I`m thinking about publishing internet through Citrix based solution,
and keep everything restricted on citrix server/sessions.
But I though there must be better solutions ,as using Citrix p.server
for such case have it`s own security risks , some of them hard to
skip !

The good point about terminal based solution IMO is keeping user
workstation clean and (almost) isolated, as it will act like a sandbox
for running browser .
Any comments?

As always , open-source solutions (if any) are more welcome :)

I`l like to hear your personal experiences both as user & administrator
of such service.


Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]