How to protect servers from VPN user systems?Locked
I work for a city government as a tech/LAN admin for a specific department. The VPN configuration for our network is managed by the enterprise level IT department. We’d like to give some contractors access to an application on our department network that is mission critical to our operations. Obviously, we’d also like to ensure that our servers and network are protected from any malicious software/activity that may exist on the contractor’s system/network.
The VPN Client Software that we’ll be using is Check Point VPN-1 SecureClient NG. We will also be using Citrix MetaFrame Program Neighborhood for the client systems to connect to our Citrix Server.
We already plan to limit their session to have access only to the necessary applications, and will strip everything from the desktop that isn’t needed. They will be locked down very tight in that regard.
Ultimately, we are more worried about protecting our systems from the stuff the user may not even be aware exists on their system.
I assume that there is some kind of device that we can put between our Citrix server and the enterprise network that would help protect our systems. I’m hoping that there is a relatively simple solution, even if it may not be cheap.
I’m looking for any suggestions that you may have on this please.