Offsite users who never get to plug in

Discussion in 'Business & Enterprise Computing' started by Ding.Chavez, Feb 16, 2011.

  1. Ding.Chavez

    Ding.Chavez Member

    Joined:
    Jul 27, 2001
    Messages:
    423
    Location:
    Sydney
    So i have about 80ish sales guys in APAC region who will probably never see a blue cable in 12-18 months... some = never

    Anyone else in the situation?

    What do you do with things like Windows updates, software updates, GPO's, login batch files, compliance... etc etc

    At the moment we like to re-image and re-fresh the SOE every 12 months but at the moment these people sometimes don't even visit the office they are all VPN'd

    Any thoughts?

    I run a stand 2003 environment all windows xp on laptops with 3g/wireless connection to VPN to us.
     
  2. Nikoy

    Nikoy Member

    Joined:
    Mar 10, 2004
    Messages:
    2,972
    Location:
    Perth WA

    Is citrix an option?
     
  3. Nikoy

    Nikoy Member

    Joined:
    Mar 10, 2004
    Messages:
    2,972
    Location:
    Perth WA
    I think you can also get Network access protection to work over VPN which would require x patch level x software version.
     
  4. ben.anderson

    ben.anderson Member

    Joined:
    Jun 17, 2008
    Messages:
    12
    Location:
    Brisbane
    As the above post suggested, look for a hosted desktop solution or put Citrix on your existing servers.
     
  5. scrantic

    scrantic Member

    Joined:
    Apr 8, 2002
    Messages:
    1,773
    Location:
    3350
    Has anyone explored Branch Cache with Win 7 & 2008 R2?
     
  6. Simwah

    Simwah Member

    Joined:
    Aug 6, 2005
    Messages:
    1,998
    Location:
    Brisbane
    I think you mean Direct Access
     
  7. scrantic

    scrantic Member

    Joined:
    Apr 8, 2002
    Messages:
    1,773
    Location:
    3350
    Correct :), That's what I was referring to.
     
  8. Gecko

    Gecko Member

    Joined:
    Jul 3, 2004
    Messages:
    2,715
    Location:
    Sydney
    Depending on the requirements of the staff, we either:

    1) RDP over VPN
    2) IMAP/SMTP/HTTP over VPN (we have a lot of staff who, given email and a web browser can do their jobs perfectly - woohoo for webapps)

    Only thing to watch with option 2 is to treat emails that they have sent into the system as being as dangerous as any email from the outside world, ie virus check them ASAP etc.
     
  9. elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    45,349
    Location:
    Brisbane
    I'd definitely do everything in my power to keep them off my network.

    RDP/MS-TSG/Citrix and other VDI type solutions would be what I'd be doing. If VPN is a requirement, they'd be dumped into a dead-end network with no access but to a presentation server.

    Citrix and Co support almost anything these days, even iPad type devices.

    There's no way on God's green earth I'd be letting a machine that's been out in the wild for 18 months anywhere near my core prod network without first hitting it with a flame thrower.
     
  10. g1g@8yT3

    g1g@8yT3 Member

    Joined:
    May 30, 2003
    Messages:
    104
  11. Skitza

    Skitza Member

    Joined:
    Jun 28, 2001
    Messages:
    3,773
    Location:
    In your street
    I had the same setup for a few people who would never see a blue cable and all had 3G VPN connectivity. To be honest, I didn't do anything different, they all had AV/WSUS/Updates pushed to them via the VPN and most was done using NPM or LANDesk. Obviously I didn't push complete SOE's but I treated them the same and never had an issue. Don't really see an issue once they are on the VPN.
     

Share This Page

Advertisement: