It is my understanding if set up properly, CSG is pretty much hack proof. It is hard for me to believe that hackers can not get in from anywhere but I have heard that security experts have said unless you have the soft token and the proper authentication to access MetaFrame, the hacker will get stopped at the CSG server. Let them bang on it as they may but unless they have the proper credentials, that is where they are stopped. So I don't know if you need to worry about locking access to the CSG except for the normal permissions to restrict access to that server. Please someone correct me if I am wrong. Jay -----Original Message----- From: Jay.Jukes@xxxxxxxxxx [mailto:Jay.Jukes@xxxxxxxxxx] Sent: Tuesday, August 20, 2002 7:57 AM To: thin@xxxxxxxxxxxxx Subject: [THIN] Preventing access to CSG Gday all, can you think of any ways of locking access to CSG to dedicated machines? I have a need to provide external access to laptops connecting in via the internet (dynamic IP) but do not want access from non authorised personal devices. ie, let the user connect via their company laptop but not from an Internet cafe or their personal PC. Possibly a login script that checks for the instance of a local file and denies access if its not found? I'd like to deny access before they get this far though. Cheers Jay Jukes *********************************************** COM Centre Systems Engineer MCSE MCP+I CCA CSM Technology Ph: 61 8 8936 1400 Fax: 61 8 8941 1657 Email: jay.jukes@xxxxxxxxxx Web: www.csm.com.au *********************************************** This e-mail, including any attachments, is intended only for the use of the individual or entity named above and may contain information that is confidential and privileged. Any information contained in this e-mail is not to be used or disclosed for any purpose other than the purpose for which you received it. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited. If you have received this e-mail by mistake, please delete this e-mail permanently from your system. WARNING: Although the company has taken reasonable precautions to ensure no viruses are present in this e-mail, the company can not accept responsibility for any loss or damage arising from the use of this e-mail or attachments. =================================== This weeks Sponsor: ThinPrint - High resolution, DRIVER FREE PRINTING with no loss of quality in color. - Removes print spooling and rendering tasks from your terminal server. http://www.thinprint.com =================================== For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link. http://thethin.net/citrixlist.cfm =================================== This weeks Sponsor: ThinPrint - High resolution, DRIVER FREE PRINTING with no loss of quality in color. - Removes print spooling and rendering tasks from your terminal server. http://www.thinprint.com =================================== For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link. http://thethin.net/citrixlist.cfm