Friday, April 30, 2010

Secure browsing using Remote Desktop Server

In order to secure Internet browsing on corporate desktops you may place a Remote Desktop Server (former Terminal Server) in a separate network connected by a firewall to your corporate network. Allow http connection to the Internet only for this separated network and access from the corporate network to the Remote Desktop Server (open TCP port 3389).

You may use RemoteApp to only see the browser window, without the remote desktop.

A virus outbreak can only affect computers on that separate network but not the workstations and servers on you corporate network.

Use Software Restriction policy to harden the Remote Desktop Server.

No comments:

Post a Comment