Well, that is partially true, but it doesn't really tell the whole
truth.

1. TSAC will do the web deployment, but it doesn't give you the
application publishing capabilities or client integration that ICA
clients will give you.
2. NFUSE is far more powerful then deploying simply a web client. With
nfuse, you can set up complete portals securely.
3. WLBS with Terminal Services is weak when compared with Citrix Load
Balancing.
4. Encapsulating RDP inside PPTP and L2TP is weaker then using
SSLRelaying, or Extranet, as your VPN solution. It isn't as scalable,
and is hardly "the best security you can get" in every architecture.

So, there is still a place for MF in building secure scalable remote
access solutions.

Henry

> -----Original Message-----
> From: Peter Meister [mailto:petermeiMICROSOFT.COM]
> Sent: Thursday, March 29, 2001 9:49 PM
> To: FOCUS-MSSECURITYFOCUS.COM
> Subject: Re: Citrix MetaFrame
>
>
> To respond to Scotts reply...You do not need CITRIX for WEB
> or SECURITY
> for terminal server connections..client can simply use the TSAC -
> Terminal Server Advanced Client, simply login via website
> http://www.microsoft.com search for TSAC and download the web
> plugin..This mounts a 314kb file into the IIS server wwwroot
> section as
> a new folder type called TSWEB simply http://serverip/tsweb and the
> client is now capable of native RDP entry via the web....As well it
is
> much easier to deploy TSAC then NFUSE...If you want to add a
> true layer
> of security then encapsulate RDP inside of VPN connection via PPTP
and
> L2TP this is the best security you can get and its also built into
> Windows 2000 no need for Citrix there either!
>
> Just so the truth be said :)
>
> Peter Meister
>
> -----Original Message-----
> From: Scott Landy [mailto:slandyBEACONMANUFACTURING.COM]
> Sent: Thursday, March 29, 2001 7:31 AM
> To: FOCUS-MSSECURITYFOCUS.COM
> Subject: Re: Citrix MetaFrame
>
>
> Citrix ix a very secure way to publish apps. To publish via
> the net, you
> need to use an add on like NFuse or Extranet (both also made
> by Citrix).
> The
> encryption levels are configurable. The default is basic windows,
but
> you
> can use 128 bit. With Citrix Extranet, you have more options
available
> (PKI,
> entrust etc.) For more info, go to www.citrix.com
>
> Scott Landy
>
> -----Original Message-----
> From: Justin Bloom [mailto:justin.bloomACIS-CAM.UK.COM]
> Sent: Wednesday, March 28, 2001 8:16 AM
> To: FOCUS-MSSECURITYFOCUS.COM
> Subject: Citrix MetaFrame
>
>
> Has anybody had any experince of running Citrix MetaFrame system
under
> the
> windows envirnoment? or any other for that reason.
>
> Basically I am looking for all the information I can find on the
> solution
> although especially security. It is my understanding that clients
can
> access
> applications/data via the internet using this system and that
> it is all
> communicated by encyrption is this encyrption good? and are there
any
> other
> security issues with this system?
>
> Any information is welcome
>
> Justin Bloom
>

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]