Re: web browsing in production environment - a journey through comfort and security

[evilwon12 () yahoo com]

And I thought I had issues.

My first question - what are you trying to prevent?  

This seems like a ton of work to do with a ton of upkeep without knowing what you are trying to prevent?

Do you fully understand why the employees are upset?  While most understand some sort of filtering, most people do not 
like the overbearing hand of big brother coming down on them without good explanation/reasoning.

What does your Internet Policy state?  Do you even have one?  If it is not rational and does not make sense, then 
employees will be disgruntled.

 -- i know most of the exploits try to implant viruses on the host, we have 3
anti virus engines, how high could be the impact?

Since they are browsing from your Citrix TS, your biggest threat is someone owning your Citrix TS box.  Now, if someone 
is smart enough to figure out how to piggy back that connection down to the workstation, you have your answer.

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------