Re: Citrix Web Interface - VPN - public computer...secure??

["K. Brian Kelley" <arakakisudaki () yahoo com>]

Public computers? I wouldn't consider that safe. One just has to do a Google search on Kinkos and GoToMyPC to see why. 
With a public computer there is absolutely no guarantee of any sort of reasonable precautions such as up-to-date AV. If 
you were using Citrix Access Gateway you could do some level of endpoint analysis, but that's not the case with CSG.

 K. Brian Kelley, CISA, MCSE, Security+
Contributing Author: How to Cheat at Securing SQL Server 2005
Regular Columnist, SQLServerCentral.com and SQL Server Standard Magazine
http://www.truthsolutions.com/
http://blogs.sqlservercentral.com/brian_kelley/default.aspx



----- Original Message ----
From: Don Joly <fuwmanchew () live com>
To: security-basics () lists securityfocus com
Sent: Wednesday, July 9, 2008 11:17:02 PM
Subject: Citrix Web Interface - VPN - public computer...secure??


We have a Citrix Secure Gateway that some of our employees use for web VPN access from home. The Citrix Gateway 
provides users with published applications and desktops and has a valid SSL Cert. We have policies that all must sign 
agreeing to have some type of firewall enabled, OS patches and anti-virus software up to date. The policy also states 
that no user is to connect to the Citrix Gateway from a "public computer" or from a public hot spot. I've been asked if 
we could change this policy to allow connections from public computers and hot spots but I'm not sure how secure this 
would be. Would this be considered safe to allow this type of access? Why or why not?

Thanks,
Don



_________________________________________________________________
The i’m Talkaton. Can 30-days of conversation change the world?
http://www.imtalkathon.com/?source=EML_WLH_Talkathon_ChangeWorld