04-06-2009 11:08 AM - edited 03-10-2019 04:35 AM
Is there a way that we could restrict a desktop machine accessing any other system in the network ?
if so will we be able to implement an encrypted communication between the end machines .
04-06-2009 11:15 AM
An IPS is not the device you want for this job.
For access restriction you should look at using VLANs, for encrypted communications you should set up a tunnel between the desktop VLAN and the destination VLAN
04-07-2009 11:01 AM
Rhermes is correct; IPS is not the right solution. You want VLANs and ACLs, potentially NAC but that's overkill.
There are 3rd party products out that extend this as well, so if (for example) you permit a user to Remote Desktop or VNC from Desktop A to Server B, they're 'locked' into Server B and can't RDP out anywhere from there. I think one solution was called Xceedium.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide