Re: TS Security Issue

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

well, they claim they have security between our information and other
customer information, the problem they have is our "mimimal" security
measure (as they put it) allows a user access to thier network, which is a
huge security bypass. They've made a suggestion to require remote TS users
to have a VPN connection before they're allowed to TS into the server ..
effectively disallowing any direct remote connection to the TS server.. the
problem I have with that is that limits the sales reps to the computers they
have .. and they don't have the technical knowledge to setup a VPN on the
fly.



"Jeff Pitsch [MVP]" <jeff@xxxxxxxxxxxxxxxxx> wrote in message
news:%23a%233mnIPGHA.2012@xxxxxxxxxxxxxxxxxxxxxxx
Isn't hte ASP in control of the security to their servers? Why aren't
they
telling you how they want it done instead of leaving it up to you? I
guess
I'm confused on how your supposed to make it more secure when the servers
are on their end and in their control.

Jeff Pitsch
Microsoft MVP - Terminal Services
http://www.sbcgatekeeper.com
Your Terminal Services Security Website

"AndreZ" <shmoes@xxxxxxxxxxx> wrote in message
news:%23tUOciIPGHA.3144@xxxxxxxxxxxxxxxxxxxxxxx
Ok, so here's the deal .. we're going to be using a new application
which
will be hosted by an ASP, we will have access to that ASP via a VPN
allowable from our location only. The problem the ASP has is because
our
only security is username/password to log into the TS server they don't
feel
that's enough protection for thier exsisting clients.

I'm not sure really what else to do at this point to secure it.. One
thing
I can think of is being able to identify the difference between a user
that's on TS on-site and a user that's on TS remotely .. then we could
possibly restrict the VPN accordingly.. I'm just not sure how it would
be
done..

Or if anyone else has other ideas, i'm open to listen to anything at
this
point.

Thanks.






.

Relevant Pages

  • Re: VPN - what happens now
    ... > over a straight RDC session because of the SSL encryption before it turns ... > the LAN and also can introduce security risks. ... > As for eliminating VPN... ... > the LAN for remote login. ...
    (microsoft.public.windows.server.sbs)
  • Re: authentication problem with outlook 2000 and "workgroup" account
    ... would lower the security a bit. ... (outlook, vpn access, etc.). ... I don't know a lot about Outlook 2000, ... >> I occasionally setup remote users laptops for my company. ...
    (microsoft.public.win2000.security)
  • Re: VPN Question
    ... >> If the remote user had their own router/firewall then, yes, security is ... > remote sites so the security will be there. ... > security" on VPN and local office. ...
    (comp.security.firewalls)
  • Re: Cor, memory lane....
    ... fairly sensible security reasons; it's not that we don't know how to ... but I thought the whole point of VPN was that it ensured ... Ours is set up such that I can start a remote ... I think you misunderstand what I mean by security. ...
    (uk.rec.motorcycles)
  • [UNIX] Netcool/NeuSecure Multiple Information Disclosure
    ... Get your security news from a reliable source. ... gain database and program passwords and remotely access Netcool/NeuSecure. ... Feb 3 Ticket is opened with tag: Insufficient customer information. ...
    (Securiteam)