Security Basics mailing list archives
Re: Citrix Web Interface - VPN - public computer...secure??
From: Wilson <securitynewsgroup () gmail com>
Date: Mon, 14 Jul 2008 15:10:16 +1000
Hi all, just on a similar topic, how can I find out which user logon via Citrix Access Gateway at what time through which policy? CitrixACE in eventvwr does not provide much information, and I prefer to use any built in logging rather than external software. Any suggestions? Thanks in advance. Wil
-----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of ? aditya mukadam ? Sent: Friday, 11 July 2008 2:10 AM To: Don Joly; security-basics () securityfocus com Subject: Re: Citrix Web Interface - VPN - public computer...secure?? First of all let me say comment/compliment that the policy for WebVPN set up is done really well and correctly. It is an absolutely bad idea to allow intranet access from public computers because of reasons like it might have keylogger, virus on it, vulnerable OS which can allow user to hack that public pc ( while you are connected to intranet via WebVPN) n so on. If you still want to do it, you can develop seperate group of resources (which won't hurt you n your company if it gets exposed to threats etc) inshort -'not so important resources'. You should create seprate group to allow users to connect to it from public computer if you want to. However, please understand the risks you are taking in such cases. Remember my friend, security is often compromised for the ease of use !!! Thanks, Aditya Govind Mukadam On Thu, Jul 10, 2008 at 8:47 AM, Don Joly <fuwmanchew () live com> wrote:We have a Citrix Secure Gateway that some of our employees use for web VPN access from home. The Citrix Gateway provides users with published applications and desktops and has a valid SSL Cert. We have policies that all must sign agreeing to have some type of firewall enabled, OS patches and anti-virus software up to date. The policy also states that no user is to connect to the Citrix Gateway from a "public computer" or from a public hot spot. I've been asked if we could change this policy to allow connections from public computers and hot spots but I'm not sure how secure this would be. Would this be considered safe to allow this type of access? Why or why not? Thanks, Don
Current thread:
- Citrix Web Interface - VPN - public computer...secure?? Don Joly (Jul 10)
- Re: Citrix Web Interface - VPN - public computer...secure?? ॐ aditya mukadam ॐ (Jul 11)
- Message not available
- Re: Citrix Web Interface - VPN - public computer...secure?? ॐ aditya mukadam ॐ (Jul 11)
- Message not available
- Re: Citrix Web Interface - VPN - public computer...secure?? ॐ aditya mukadam ॐ (Jul 11)
- Re: Citrix Web Interface - VPN - public computer...secure?? Gleb Paharenko (Jul 11)
- Re: Citrix Web Interface - VPN - public computer...secure?? Robert Taylor (Jul 11)
- <Possible follow-ups>
- Re: Citrix Web Interface - VPN - public computer...secure?? infolookup (Jul 11)
- Re: Citrix Web Interface - VPN - public computer...secure?? K. Brian Kelley (Jul 11)
- RE: Citrix Web Interface - VPN - public computer...secure?? Chris R. Smith (Jul 11)
- Re: Citrix Web Interface - VPN - public computer...secure?? Wilson (Jul 14)