[windows2000] Re: Remote connection
- From: "Mauricio Fernandez" <mfernandez@xxxxxxxxxxxxxxx>
- To: <windows2000@xxxxxxxxxxxxx>
- Date: Fri, 13 May 2005 08:48:05 -0400
I was in the same problem just on January, and this is what we decided:
- Users only can connect to the network if they use an office notebook
with a VPN configuration
- Users who wants to login from different computers, just can access to a
public fileserver (where we store public information) in the DMZ zone.
- Access to databases and intranet are only allowed through VPN
connections.
Mauricio Fernández S.
IT Manager
Tel. 591- 445-25160
Fax. 591- 441-15056
mfernandez@xxxxxxxxxxxxxxx
www.fdta-valles.org
Cochabamba - Bolivia
-----Original Message-----
From: windows2000-bounce@xxxxxxxxxxxxx
[mailto:windows2000-bounce@xxxxxxxxxxxxx] On Behalf Of Chris Berry
Sent: Thursday, May 12, 2005 7:28 PM
To: windows2000@xxxxxxxxxxxxx; oclug@xxxxxxxxx
Subject: [windows2000] Remote connection
Our company has reached the stage where some managers are starting
to want remote access to the network from the road and/or their house.
The obvious solution is to install a VPN, however they are insisting on
using their own equipment for cost/convenience reasons. Given that
several of these individuals are routinely infected, manage to delete
their own firewall software, etc. I'm not too excited about the
prospect of opening our network up that way.
My first response was to insist that they either use company
equipment, or have a second drive/partition set up by IT and used only
for work. This is not proving as easy, cheap or convenient as it needs
to be to convince them. At the moment we're deadlocked on
convenience/price vs. security.
One possiblity I've been thinking about is terminals. I won't be
able to control the OS of the users system, and it's most likely to be
some flavor of MS, even though we're heading towards a mixed environment
here at work. If a user opens up a remote terminal window on an
infected home machine, can the infection migrate from the host to the
terminal session? Are there any security implications here?
I'd like to solicit some additional opinions on options of how to
handle this situation. I'm in the research phase right now, so any and
all possible solutions are welcome.
--
Chris Berry
chris_berry@xxxxxxxxxxxxxxxxx
Information Advisory Manager
JM Associates
"There is nothing so useless as doing efficiently that which should not
be done at all." --Peter Drucker
********************************************************
This Weeks Sponsor: Straymonkey.com
Excellent web templates, fonts, and downloads
on this new site brought to you by The Kenzig Group
http://www.straymonkey.com
**********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.
http://thethin.net/win2000list.cfm
Other related posts:
