Unfortunately, the client wants 20-30 users to run an application FROM the untrusted server. The application will reside on the mapped drive.
The application sits in a hosted environment. What's in between the firewall is the client's extranet, but for business reasons, the client wants the application at a remote host. I'm trying to persuade them to use Terminal Services (they don't like Citrix) in their extranet, but they claim running it the above way should be fine. The idea curls my hair, from a performance AND a security standpoint, but I need to be specific as to what the risks are. Thanks folks, I'm getting a lot out of this exchange. Eigen
