2

I need to find a way to give some telecommuters access to the office network. However, there is a high degree of confidentiality involved. So I am looking for a way to give them dedicated hardware (computers, thin clients, etc.) to bring home for the task.

These devices must give access to file servers, printers, etc. in the office, but nothing else. Users must store files in the office server, etc. They should be prevented from storing items on the computer at their house, so something like a VPN isn't quite enough. I was thinking that a thin-client system would be great, but I don't know how to go about doing that.

Any suggestions on products or techniques? I don't have any prior experience with thin clint systems.

Improve this question
1
  • 1
    In addition, you'll need to consider whether or not you'll allow them to print from the remote session, access email, or browse the web (to access web based email and file upload services)... all methods which can be used to "extract" information from the corporate system. Depending on the nature of the data and it's level of confidentiallity, you may find the need to implement an RMS system as well (Rights Management Services).
    – joeqwerty
    Commented Nov 25, 2010 at 1:43

2 Answers 2

Reset to default
2

Thin clients are great for this. You'll need to deploy some sort of terminal server for them to access (VNC for Linux, RDS/Terminal Services, Citrix, Openview, etc for Windows). That's the most expensive part. The thin clients themselves generally are fairly cheap (because there's almost nothing to them).

Personally, I love Jack PC's, however they're a bit more... permanant. I don't know their model numbers, but Sun Microsystems also have (had?) a thin client that was compatible with Windows where the users had to insert a smart card for authentication, as well as enter their traditional username and password.

It may be a challenge to find ones that support VPNs out of the box, but I'm sure that they exist. Otherwise, Microsoft Terminal Services (RDP/RDS) can be very secure if it's configured correctly (FIPS compliant encryption, etc), which may negate the need for a VPN at all.

Improve this answer
4
  • = Farseeker? How come the change?
    – joeqwerty
    Commented Nov 25, 2010 at 2:19
  • @joe - I dunno. I just felt compelled one day. I've had that nick for almost 15 years now, decided it was time to shed it... on here at least.
    – Mark Henderson
    Commented Nov 25, 2010 at 2:25
  • Well I would do the same but my name is actually Joe Q. Werty... ;)
    – joeqwerty
    Commented Nov 25, 2010 at 2:28
  • @Joe - in that case your parents must have been very keen typists!
    – Mark Henderson
    Commented Nov 25, 2010 at 2:57
0

For a simple solution you could have a look at VNC+stunnel or nomachine NX which avoid the problems of transferring files / using local drives / printers (which MS Remote Desktop facilitates). If the desktop runs on MSWindows, then the former will require a dedicated server for each user, but the commercial version of the latter supports multiple users on the same server (approx 75USD/concurrent user). OTOH, for Unix/Linux desktops, NXserver is free.

VNC is also available as standard on recent Apple Macs.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .