We use a Dell SonicWall TZ210 appliance to connect our LAN to the internet and to remotely access our LAN. We are on a Domain, and our Domain Controller is a Windows Server 2008 Computer. I'm concerned that a person's home computer might have malware and that the malware could cause problems on our LAN if he/she establishes a VPN connection to our LAN. Is there a way to only allow a remote user to use remote desktop to remote to his/her local work computer after establishing a VPN connection and not use his/her home computer to do anything else on our LAN except to connect to his/her work computer? Then essentially the person would be using the work computer (local to the company) and only using his/her own computer at home to control his/her work computer. Would that reduce/eliminate the chances of an infected remote computer causing problems on our LAN? Are there other practices used to reduce the chances of a person's remote computer infecting a LAN when a VPN connection is established?