K_Wilke
asked on
Best Replacement for Terminal Server - Is it Citrix or Something Else?
Hello all,
I have no experience in Citrix at all so please be gentle with me since there is much information out there.
Background: One of my clients got partially nailed with ransomware. They had a terminal server on a 2012 R2 standard server OS machine. I tightened everything down that I could but obviously not enough. The terminal server got completely encrypted.
The reason the need for a terminal server is that the physicians require getting to their EMR package from their houses or the hospital. The EMR package is housed on another server on the LAN.
Halfway through restoring data from a backup and rebuilding the terminal server (which is currently down) the physicians wanted me to stop and want to meet to discuss an alternative to terminal services.
SO, what alternatives are there out there that will allow me to do something like a terminal server but is way more secure against the ransomware people? It has to fit into our architecture (run on a Windows 2012 R2 or 2016 server), be on a physical server, and allow the physicians to either put in the IP address or (if I need to build it) a URL. I DO NOT WANT a virtual or cloud based version.
Is Citrix secure enough or does it run into the same problems as terminal services?
Does Citrix have a version that runs only on one server that is not virtual or cloud based?
If Citrix does not fill the bill what else is there out there?
Thank you in advance and again please be gentle
Kelly W.
I have no experience in Citrix at all so please be gentle with me since there is much information out there.
Background: One of my clients got partially nailed with ransomware. They had a terminal server on a 2012 R2 standard server OS machine. I tightened everything down that I could but obviously not enough. The terminal server got completely encrypted.
The reason the need for a terminal server is that the physicians require getting to their EMR package from their houses or the hospital. The EMR package is housed on another server on the LAN.
Halfway through restoring data from a backup and rebuilding the terminal server (which is currently down) the physicians wanted me to stop and want to meet to discuss an alternative to terminal services.
SO, what alternatives are there out there that will allow me to do something like a terminal server but is way more secure against the ransomware people? It has to fit into our architecture (run on a Windows 2012 R2 or 2016 server), be on a physical server, and allow the physicians to either put in the IP address or (if I need to build it) a URL. I DO NOT WANT a virtual or cloud based version.
Is Citrix secure enough or does it run into the same problems as terminal services?
Does Citrix have a version that runs only on one server that is not virtual or cloud based?
If Citrix does not fill the bill what else is there out there?
Thank you in advance and again please be gentle
Kelly W.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks...the remote app is what we will be donig.
Here on EE the consensus is to not expose 3389 to the internet shodan and other web crawlers will show this as available in short order and script kiddies and others will be attacking it in short order.
Use a vpn to access internal network from the outside.
The medical industry has been a target of ransomware authors for a long time AND it will only increase. I would tend to think that it wasn't RDS but one of the users of the network clicked on an email message (spear phishing) that started the script unless your forensic results show otherwise.