[THIN] Re: Applying Restrictions Via IP
- From: "BRUTON, Malcolm, FM" <Malcolm.BRUTON@xxxxxxxx>
- To: "'thin@xxxxxxxxxxxxx'" <thin@xxxxxxxxxxxxx>
- Date: Thu, 26 Jan 2006 09:29:47 -0000
Jeff
I wish it was that simple. It's not about Web browsing. It's about
retricting which sites they can access that are internal when the users are
external.
We want to share servers between internal and external users. We want the
internal users to be able to access all sites includng our internal web
based apps. When the same user is external say in a web cafe we do not want
them to be able to access our internal web sites.
We can't do it via group membership so we must do via IP....
We curently split our servers so internal access is to one set and external
is to another set with IE completly disabled.
We could achive this by moving our servers into a DMZ and applting firewall
restrictions but then we have to open up lots of ports in DMZ for Citrix
server to work with our the management stuff. Less than ideal.
Hoping we can use some form of IP restiction with IE blocking to achive
this. Playing with PAC files but struggling.
I get the feeling I am missing something really simple.....
PS we are on XP FRE3 and hopefully moving to PS4 laster this year
Malcolm
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of Jeff Pitsch
Sent: 25 January 2006 15:48
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Applying Restrictions Via IP
Citrix policies can be applied by IP no problem.
IE browsing would be best controlled through your firewall...hint hint
Jeff Pitsch
On 1/25/06, BRUTON, Malcolm, FM <Malcolm.BRUTON@xxxxxxxx
<mailto:Malcolm.BRUTON@xxxxxxxx> > wrote:
And I would like the same for something like IE. As in certain IP addresses
can browse but others can't....
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx <mailto:thin-bounce@xxxxxxxxxxxxx>
[mailto:thin-bounce@xxxxxxxxxxxxx <mailto:thin-bounce@xxxxxxxxxxxxx> ] On
Behalf Of Russell Robertson
Sent: 25 January 2006 13:32
To: thin@xxxxxxxxxxxxx <mailto:thin@xxxxxxxxxxxxx>
Subject: [THIN] Applying Restrictions Via IP
I'd like to switch on client drive mapping but only for some of our external
users (using WI3.0/CSG2.0). The idea being that we trust some external sites
but not all (e.g., web café would not be trusted).
We thought we could do this via IP address, has anyone done this sort of
thing before and could pass on advice?
Thanks
Russell
Russell Robertson
Skibo Technologies
T: +44 (0)1224 355250
E: <mailto:russell.robertson@xxxxxxxxxx> russell.robertson@xxxxxxxxx
W: <http://www.skibo.com/> www.skibo.com
Microsoft Certified Partners
Citrix Solutions Advisers
Northern Business Star Awards Finalists 2005
****************************************************************************
*******
The Royal Bank of Scotland plc. Registered in Scotland No 90312. Registered
Office: 36 St Andrew Square, Edinburgh EH2 2YB.
Authorized and regulated by the Financial Services Authority
This e-mail message is confidential and for use by the
addressee only. If the message is received by anyone other
than the addressee, please return the message to the sender
by replying to it and then delete the message from your
computer. Internet e-mails are not necessarily secure. The
Royal Bank of Scotland plc does not accept responsibility for
changes made to this message after it was sent.
Whilst all reasonable care has been taken to avoid the
transmission of viruses, it is the responsibility of the recipient to
ensure that the onward transmission, opening or use of this
message and any attachments will not adversely affect its
systems or data. No responsibility is accepted by The Royal
Bank of Scotland plc in this regard and the recipient should carry
out such virus and other checks as it considers appropriate.
Visit our websites at:
http://www.rbos.com <http://www.rbos.com/>
http://www.rbsmarkets.com <http://www.rbsmarkets.com/>
****************************************************************************
****
Other related posts:
