Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

XenApp 6 : securing internet surfing

Posted on 2010-08-23
5
Medium Priority
?
833 Views
Last Modified: 2013-11-16
Hello !

I've got some workstations with critical informations which I would like to isolate from Internet. Currently, their users don't have any network connexion and use separate computer for internet surfing.

I'd like to simplify this, and use virtualisation instead.

I've thought of XenApp, and publish a browser such IE8, Firefox or whatever, which will run on a server inside the DMZ.
Unfortunatly, I don't have any experiences with Citrix.

1- Is this a good  idea ? Will the security be safe enough ?

2- What about the user experience ? (e.g. : the user click on a hypertext link, will XenApp intercept it and run it in the streamed browser ?) Of course, I'd like a solution as transparent as possible for the users...

Thank you for your opinions,


Best regards
0
Comment
Question by:DL_Stephane
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 10

Expert Comment

by:yasserd
ID: 33508477
I have no idea about XenApp. But this is what I thought about using virtualization as that's what you want.

You could install a virtual guest OS and an additional NIC on each PC. Configure the guest OS to use the new NIC and connect it to the Internet network.

This way all internet traffic would go through a different route and there would be no connection between the OS used for internet and the one containing the critical information.

Regards
0
 

Author Comment

by:DL_Stephane
ID: 33508846
Yes, I've thought of that too, but I'd like to find a solution as transparent as possible for the user and some of the computers are thin client so I can't add a new NIC...

Thx anyway.

Nobody here with good XenApp skills ?






0
 
LVL 7

Accepted Solution

by:
dnsguru44 earned 2000 total points
ID: 33519106
In regards to you question #1, yes, citrix ica client is as secure as you want it to be, it has up to 256-bit encryption but even in it's default (basic) state if the stream was intercepted the only thing that is being transferred are key/mouse strokes and pixel views.  Of course, your corporate firewall will play a key role as well.

#2 - I would need to understand more about your farm architecture, but quick and dirty answer is yes, this can be accomplished via client to server redirection.
0
 
LVL 38

Expert Comment

by:younghv
ID: 34580879
This question has been classified as abandoned and is being closed as part of the Cleanup Program.  See my comment at the end of the question for more details.
0

Featured Post

Ready for your healthcare security check-up?

In the past few years, healthcare organizations have become a prime target for advanced attacks. Does your organization have what it needs to defend itself? Schedule your healthcare security check-up today and download our free Healthcare Security Resource Kit today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
What if you have to shut down the entire Citrix infrastructure for hardware maintenance, software upgrades or "the unknown"? I developed this plan for "the unknown" and hope that it helps you as well. This article explains how to properly shut down …
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

597 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question