|
Security Basics
mailing list archives
Re: Citrix Web Interface - VPN - public computer...secure??
From: "ॐ aditya mukadam ॐ" <aditya.mukadam () gmail com>
Date: Thu, 10 Jul 2008 21:39:55 +0530
First of all let me say comment/compliment that the policy for WebVPN
set up is done really well and correctly. It is an absolutely bad idea
to allow intranet access from public computers because of reasons like
it might have keylogger, virus on it, vulnerable OS which can allow
user to hack that public pc ( while you are connected to intranet via
WebVPN) n so on.
If you still want to do it, you can develop seperate group of
resources (which won't hurt you n your company if it gets exposed to
threats etc) inshort -'not so important resources'. You should create
seprate group to allow users to connect to it from public computer if
you want to. However, please understand the risks you are taking in
such cases.
Remember my friend, security is often compromised for the ease of use !!!
Thanks,
Aditya Govind Mukadam
On Thu, Jul 10, 2008 at 8:47 AM, Don Joly <fuwmanchew () live com> wrote:
We have a Citrix Secure Gateway that some of our employees use for web VPN access from home. The Citrix Gateway
provides users with published applications and desktops and has a valid SSL Cert. We have policies that all must sign
agreeing to have some type of firewall enabled, OS patches and anti-virus software up to date. The policy also states
that no user is to connect to the Citrix Gateway from a "public computer" or from a public hot spot. I've been asked
if we could change this policy to allow connections from public computers and hot spots but I'm not sure how secure
this would be. Would this be considered safe to allow this type of access? Why or why not?
Thanks,
Don
_________________________________________________________________
The i'm Talkaton. Can 30-days of conversation change the world?
http://www.imtalkathon.com/?source=EML_WLH_Talkathon_ChangeWorld
 By Date 
By Thread
Current thread:
|
Intro
