Terminal - Firewall

From: John Jairo Florez Torres (jjflorez_at_uninorte.edu.co)
Date: 05/23/03

  • Next message: Hugo Deckx: "RE: Security for Notebooks"
    To: <security-basics@securityfocus.com>
    Date: Fri, 23 May 2003 14:49:14 -0500
    
    

    Hi,
    I work for a University. We are working in a terminal server proyect and we
    are going to have for about 50 thin clients. The thin clients are going to
    work with Microsoft Office, explorer and a client-server application
    (Oracle).

    The question I have is where do I have to put the server. Our Firewall have
    four zones:
    - Outside (Internet)
    - DMZ
    - Institutional servers
    - PCs and departamentals servers. The thin cliesnts are going to be in this
    zone

    I think I would have to put the terminal server in the Institutional servers
    zone. If so, the network traffic from server to the thin clients would be
    passing throuhh the firewall. Could this traffic put a big work load in the
    firewall?
    Or Should I put the terminal server in the Pcs and departamentals servers
    zone where I am going to have my thin clientes too so this traffic does not
    pass through the firewall. The problem here is that the terminal server will
    not be protected by the Firewall from an attack originated in this zone.

    What schema do you recommend?
    In other words , is it a good a idea that the traffic between a terminal
    server and its thin clints pass through a firewall? any performance issues?

    Thanks for your help

    John Florez

    ---------------------------------------------------------------------------
    Thinking About Security Training? You Can't Afford Not To!

    Vigilar's industry leading curriculum includes: Security +, Check Point,
    Hacking & Assessment, Cisco Security, Wireless Security & more! Register Now!
    --UP TO 30% off classes in select cities--
    http://www.securityfocus.com/Vigilar-security-basics
    ----------------------------------------------------------------------------


  • Next message: Hugo Deckx: "RE: Security for Notebooks"