No reason why that shouldn't work, but the more encryption you layer on, the more performance will be impacted.
Suitability will depend on the specifics of your scenario. *ASB *(My XeeSM Profile) <http://XeeSM.com/AndrewBaker> *Exploiting Technology for Business Advantage...* * * On Thu, Dec 9, 2010 at 5:07 AM, Fergal O'Connell < foconn...@curamsoftware.com> wrote: > Is it possible to to allow the users to RDP over VPN to the firewall and > then route via a ISA server? > > > > > > *From:* RS [mailto:rich...@gmail.com] > *Sent:* 08 December 2010 21:04 > > *To:* NT System Admin Issues > *Subject:* Re: Remote access - Allow employees work from home > > > > I guess what I was trying to point out is that rolling out a basic RDP over > VPN solution leaves potential holes that need to be addressed. We use TS > Gateway and disable device redirection on the CAP. > > On Wed, Dec 8, 2010 at 2:02 PM, David Lum <david....@nwea.org> wrote: > > RDS or Citrix they only have access to drives via apps offered by the RDP > or Citrix session – the home user cannot UNC to drives as one could via VPN. > Launching Excel for example the EXCEL.EXE is on the RDS or Citrix box in RAM > and not the local users box…hence and infected system cannot get to the > EXCEL.EXE (or more importantly, it’s folder structure) to infect it. > > > > As other have said, you don’t really want a network connection between an > unmanaged machine and your network. > > > > Dave > > > > *From:* RS [mailto:rich...@gmail.com] > *Sent:* Wednesday, December 08, 2010 9:49 AM > > > *To:* NT System Admin Issues > > *Subject:* Re: Remote access - Allow employees work from home > > > > That's what I thought, and why I asked the question. If Joe home user can > connect his virus-riddled home (or even laptop) drives via the RDP session, > what have you really gained? (This can also be a source of data leakage, > not just inbound malware.) > > On Wed, Dec 8, 2010 at 12:39 PM, Phil Brutsche <p...@optimumdata.com> > wrote: > > Such things are configurable in TS/RDS and Citrix. > > If you allow them to connect directly to their work desktop, then no. > > On 12/8/2010 9:59 AM, RS wrote: > > Doing it this way, can you administratively control options like > > connecting local drives, printers, clipboard, etc? That might be > important. > > -- > > Phil Brutsche > p...@optimumdata.com > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
