You can disable device redirection on the RD Gateway server.
On Wed, Jul 17, 2013 at 12:28 PM, Kennedy, Jim <[email protected] > wrote: > It is actually part of the rdp connection file she will download and use > to connect. But nothing stops the user from changing it. What security > concerns do you have? **** > > ** ** > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *J- P > *Sent:* Wednesday, July 17, 2013 12:24 PM > *To:* [email protected] > *Subject:* RE: [NTSysADM] Exposure from VPN**** > > ** ** > > not sure, But I will not be in control of the gateway policy if I > understand correctly, it will be the remote domain /gateway host that would > configure that. > > > > > > > > > > > > Jean-Paul Natola > > > **** > ------------------------------ > > From: [email protected] > To: [email protected] > Subject: RE: [NTSysADM] Exposure from VPN > Date: Wed, 17 Jul 2013 16:14:42 +0000**** > > You can restrict the ability have the local drive show up through the > policy on the RD Gateway, can you not?**** > > **** > > *From:* [email protected] [ > mailto:[email protected] <[email protected]>] *On > Behalf Of *Kennedy, Jim > *Sent:* Wednesday, July 17, 2013 12:07 PM > *To:* [email protected] > *Subject:* RE: [NTSysADM] Exposure from VPN**** > > **** > > Ahhh, I see. Don’t think you can limit your exposure in that scenario > other than having her use a machine not in the domain…and on it’s own vlan > or internet connection.**** > > **** > > *From:* [email protected] [ > mailto:[email protected] <[email protected]>] *On > Behalf Of *J- P > *Sent:* Wednesday, July 17, 2013 12:03 PM > *To:* [email protected] > *Subject:* RE: [NTSysADM] Exposure from VPN**** > > **** > > This would still expose our lan would it not? > > she remotes in, her local drives show up including her network drives (our > lan shares), where's the security on our side? > > I get than they can secure their network using rdgateway, but what > protects me as I am not the gateway hoster/provider? > > > > > > > > > > > > Jean-Paul Natola > > > **** > ------------------------------ > > From: [email protected] > To: [email protected] > Subject: RE: [NTSysADM] Exposure from VPN > Date: Wed, 17 Jul 2013 15:54:04 +0000**** > > Pptp absolutely not. It is totally broken and insecure. MS has a KB > somewhere saying stop using it.**** > > **** > > We use remote desktop via Microsoft’s Remote Desktop Gateway. Very easy to > setup and use and gives the user a desktop that is located in the remote > domain..so all the settings..mapped drives…all show up.**** > > **** > > http://technet.microsoft.com/en-us/library/cc731150.aspx**** > > **** > > **** > > *From:* [email protected] [ > mailto:[email protected] <[email protected]>] *On > Behalf Of *J- P > *Sent:* Wednesday, July 17, 2013 11:43 AM > *To:* [email protected] > *Subject:* [NTSysADM] Exposure from VPN**** > > **** > > Hi all, > > We have an employee who works part time for 2 organizations which are > located in the same building, now we are moving > and they want her to VPN in from our network to theirs, using traditional > MS pptp- I'm not entirely comfortable with that idea , can someone suggest > a more secure safer alternative > > Or maybe someway of securing this type of connection as to reduce exposure > of our LAN? > > > TIA > > > > > > > > > > > Jean-Paul Natola > **** >
