Security Basics mailing list archives
Re: Citrix Web Interface - VPN - public computer...secure??
From: "ॐ aditya mukadam ॐ" <aditya.mukadam () gmail com>
Date: Fri, 11 Jul 2008 08:36:58 +0530
I know of devices like F5 firepass and Juniper IVEs in which you can configure separate groups with separate policies. You might wanna consider those into your existing set up . All da very best !!! Thanks, Aditya Govind Mukadam On Fri, Jul 11, 2008 at 12:36 AM, Don Joly <fuwmanchew () live com> wrote:
You bring up some very good points. Thank you so much for taking the time to respond. It is very much appreciated! DonDate: Thu, 10 Jul 2008 21:39:55 +0530 From: aditya.mukadam () gmail com To: fuwmanchew () live com; security-basics () securityfocus com Subject: Re: Citrix Web Interface - VPN - public computer...secure?? First of all let me say comment/compliment that the policy for WebVPN set up is done really well and correctly. It is an absolutely bad idea to allow intranet access from public computers because of reasons like it might have keylogger, virus on it, vulnerable OS which can allow user to hack that public pc ( while you are connected to intranet via WebVPN) n so on. If you still want to do it, you can develop seperate group of resources (which won't hurt you n your company if it gets exposed to threats etc) inshort -'not so important resources'. You should create seprate group to allow users to connect to it from public computer if you want to. However, please understand the risks you are taking in such cases. Remember my friend, security is often compromised for the ease of use !!! Thanks, Aditya Govind Mukadam On Thu, Jul 10, 2008 at 8:47 AM, Don Joly <fuwmanchew () live com> wrote:We have a Citrix Secure Gateway that some of our employees use for web VPN access from home. The Citrix Gateway provides users with published applications and desktops and has a valid SSL Cert. We have policies that all must sign agreeing to have some type of firewall enabled, OS patches and anti-virus software up to date. The policy also states that no user is to connect to the Citrix Gateway from a "public computer" or from a public hot spot. I've been asked if we could change this policy to allow connections from public computers and hot spots but I'm not sure how secure this would be. Would this be considered safe to allow this type of access? Why or why not? Thanks, Don _________________________________________________________________ The i'm Talkaton. Can 30-days of conversation change the world? http://www.imtalkathon.com/?source=EML_WLH_Talkathon_ChangeWorld________________________________ Use video conversation to talk face-to-face with Windows Live Messenger. Get started.
Current thread:
- Citrix Web Interface - VPN - public computer...secure?? Don Joly (Jul 10)
- Re: Citrix Web Interface - VPN - public computer...secure?? ॐ aditya mukadam ॐ (Jul 11)
- Message not available
- Re: Citrix Web Interface - VPN - public computer...secure?? ॐ aditya mukadam ॐ (Jul 11)
- Message not available
- Re: Citrix Web Interface - VPN - public computer...secure?? ॐ aditya mukadam ॐ (Jul 11)
- Re: Citrix Web Interface - VPN - public computer...secure?? Gleb Paharenko (Jul 11)
- Re: Citrix Web Interface - VPN - public computer...secure?? Robert Taylor (Jul 11)
- <Possible follow-ups>
- Re: Citrix Web Interface - VPN - public computer...secure?? infolookup (Jul 11)
- Re: Citrix Web Interface - VPN - public computer...secure?? K. Brian Kelley (Jul 11)
- RE: Citrix Web Interface - VPN - public computer...secure?? Chris R. Smith (Jul 11)
- Re: Citrix Web Interface - VPN - public computer...secure?? Wilson (Jul 14)