'[THIN] Re: Security Configuration Wizard on Citrix Servers?'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       thin
Subject:    [THIN] Re: Security Configuration Wizard on Citrix Servers?
From:       Martin Stephenson <martin.stephenson () gmail ! com>
Date:       2005-11-30 6:40:32
Message-ID: 11a28df10511292240s597eac6du4a361f444363e9fa () mail ! gmail ! com
[Download RAW message or body]

I have used it on CSG V3 with great success.  The neat thing about the
Wizard is that you can simply remove the entire template and get back to
where you were.  I dont recall any major gotchas with the security template=
,
I even used it to configure the Windows Firewall only allowing ports  443
and 80 (note: these are for inbound connections).  I also restricted port
3389 so it can only be accessed by internal IP address range.  Naturally th=
e
CSG is in a DMZ inside a proper firewall but I figured there is nothing
wrong with having an extra layer of security.  Also the only Web Service
extension you need to allow is ASP.Net.

Martin.


On 11/23/05, Jon D <rekcahpmip@gmail.com> wrote:
>
> Has anyone used the SP1 Security Configuration Wizard on Citrix Servers o=
r
> on secure gateways?
> Any problems or things to look out for?
>
>
>
>
>
>
>
>
>
>
>
>
>
> .
>
>

[Attachment #3 (text/html)]

<div>I have used it on CSG V3 with great success.&nbsp; The neat thing about the \
Wizard is that you can simply remove the entire template and get back to where you \
were.&nbsp; I dont recall any major gotchas with the security template, I even used \
it to configure the Windows Firewall only allowing ports&nbsp;&nbsp;443 and&nbsp;80 \
(note: these are for inbound connections).&nbsp; I also restricted port 3389 so it \
can only be accessed by internal IP address range.&nbsp; Naturally the CSG is in a \
DMZ inside a proper firewall but I figured there is nothing wrong with having an \
extra layer of security.&nbsp; Also the only Web Service extension you need to allow \
is  ASP.Net.</div>
<div>&nbsp;</div>
<div>Martin.<br><br>&nbsp;</div>
<div><span class="gmail_quote">On 11/23/05, <b class="gmail_sendername">Jon D</b> \
&lt;<a href="mailto:rekcahpmip@gmail.com">rekcahpmip@gmail.com</a>&gt; wrote:</span> \
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; \
BORDER-LEFT: #ccc 1px solid"> <div>Has anyone used the SP1 Security Configuration \
Wizard on Citrix Servers or on secure gateways?</div> <div>Any problems or things to \
look out for?</div> <div>&nbsp;</div>
<div>&nbsp;</div>
<div>&nbsp;</div>
<div>&nbsp;</div>
<div>&nbsp;</div>
<div>&nbsp;</div>
<div>&nbsp;</div>
<div>&nbsp;</div>
<div>&nbsp;</div>
<div>&nbsp;</div>
<div>&nbsp;</div>
<div>&nbsp;</div>
<div>&nbsp;</div>
<div>.</div>
<div>&nbsp;</div></blockquote></div><br>


************************************************
For Archives, RSS, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://www.freelists.org/list/thin
************************************************

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic