Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Remote Access to Staff Desktops

From: "Kieper, David" <kieperd () UWGB EDU>
Date: Wed, 18 Feb 2009 08:29:10 -0600
We have implemented a product from hobsoft.com called HOB Desktop on Demand:

                http://www.hobsoft.com/products/connect/JWT_DoD.jsp

The product relies on a SSL encrypted RDP session that goes through a server located on campus.  The user starts a 
session to the campus based server, is authenticated to active directory, the server then issues a wake on lan call to 
the user's PC (info for the user's specific PC is stored in active directory), and then initiates the RDP session.  The 
client side is java based.  No changes on the campus desktop side.  The nice aspect is that firewall rules do not have 
to be relaxed to allow any IP to access the address range of campus PC's for RDP access-just SSL to the server.   You 
also have less firewall changes needed for the users to remotely access their respective servers as well.  With the 
link from the user to their PC via active directory information (that we control centrally), we control who can access 
which computers.

The use of the remote desktop is also employed on campus from classrooms back to the faculty's desktop to run 
specialized applications as part of class presentations.  This means not having to install specialized applications 
(and resolving application conflicts) on classroom computers as well as the faculty desktop.

The use of remote desktop access also means less issues with persons installing applications (and the resulting need 
for support) on home computers as well as hauling potentially confidential data home on jump drives and removable media 
where it can be compromised.

 We also employ the same product to provide 24 x 7 student remote access to a bank of PC's loaded with specialized 
applications as well as specialty labs around campus after they close in the evening.

The only applications that do not work as well in remote access mode are multi-media type applications (multi-media 
editing, viewing a video clip, etc.).

Regards,

David Kieper
Manager, Network and Infrastructure Services
Information Technology Security Officer
Information Services Division
University of Wisconsin - Green Bay                               office:  (920) 465-2238
2420 Nicolet Drive                                                         fax:      (920) 465-2864
Green Bay, WI  54311-7001   USA                                  email:   kieperd () uwgb edu<mailto:kieperd () uwgb 
edu>


From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Tim Lane
Sent: Tuesday, February 17, 2009 10:30 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Remote Access to Staff Desktops

Hi All,

We are receiving an increasing number of requests from staff to remotely access their desktops, for a variety of 
reasons.

I would be interested in hearing if any other Universities allow this, and if so how you are providing secure access, 
or if you have any thoughts/comments on the matter.

Thanks,

Tim

Tim Lane
Information Security Program Manager
IT&TS
Southern Cross University
Ph (02) 6620 3290
Mobile 0418 248 571
Previous By Date Next
Previous By Thread Next

Current thread: