Re: Linux (Suse) TS ?
- From: BearItAll <spam@xxxxxxxxxxxxx>
- Date: Mon, 05 Dec 2005 15:25:28 +0000
On Mon, 05 Dec 2005 21:18:25 +1100, Billy wrote:
> HI chaps, wondering if you can point me in the right direction here.
>
> I'm looking at a way to grant work-at-home users access to their favourite
> Windows applications (Outlook, certain MS only applications etc ).
>
> Now, I was thinking maybe TS would be the way to go. I'm looking at a few
> users to begin with, maybe 20-30, scaling up to maybe a few hundred over
> time..maybe even as high as 500.
>
> I would like to be able to put 1.5 meg ADSL connections in their houses and
> supply them with company hardware all set up and ready to go.
>
> So I was thinking diskless linux based thin clients (customised so the
> machine boots from CD maybe and then presents them with a simple log-on
> screen...they put in their Active Directory corporate login details and
> bang, they're presented with a WinXP desktop or something via Terminal
> services)..
>
> Now, I'd need to run secure connections back to the corporate network. I'm
> thinking IpSec tunnels back to HQ..... my main sticking point is...what am
> I missing in all this? can you guys think of a better way to do this?
>
> Basically as far as the end user is concerned I want them to wander into
> their home office, turn on their computer and then have a simple login
> screen pop up, they put in their username/password and bingo..they get a
> Windows desktop so they can run their finance package or send email via
> Outlook or check their calendars or whatever... plus they could save files
> direct to maybe a USB key (still dunno about that one) AND that they can
> print stuff to a local printer (so they can save a .doc on their network
> share but print out a hardcopy at home).
>
> This system needs to suit people who are working from home ..they might not
> actually come into the office for days or weeks on end.
>
> Any ideas would be greatly appreciated, I've been googling....seen the
> knoppix cd's, the various thin client linux distros, the LTSP project etc
> etc but I am really after something simple, reliabe and dependable running
> over ADSL back to a Terminal Services or Citrix machine..
>
> I am obviously VERY VERY concerned about security of the network..
>
>
> Thanks in advance!!!
IPsec-VPN is secure, at least the communications are. For a fully secure
system though you want some control of what happens on each end of the
communications. Which you are obviously concidering. A bored sales rep, or
one of your users kids could load anything on a normal PC and that then
has access to the works end of your tunnel once the user has logged in.
It is very wise to be over strict with off site workstations. If those
stations were XP, then at least you would want the users to not have
access to load programs.
You are looking at using Linux workstations, which at least means the PC
could still be used as a family PC, with only the employees login
activating the vpn tunnel. I say that because our sales reps and
work at home directors started moaning because they had to have a PC for
work and another for home. I can't trust either so only allow them to
share the work PC if they move to Linux (I can be a right tyrant when the
mood takes me).
I had a visitor recently and while we had a meeting he connected to his
office using an Orange PCMCIA card which actoed like a moden and
connected him to his work system. It was painfully slow, it looked to me
like it had to download the entire MS Outlook data and desktop
before it could even start, I don't mean just displays because once past
this first step display updates were alright, certainly not great though.
That is a backward step. Because remote systems are meant to only update
displays, so screen updates can be very fast, key responses are reasonable
but you have to remember that it is the server end that is acting on the
keystrokes so there will always be some delay.
If you have no choice but to go TS because of the MS Apps then I'd look
very closely at what options you have in the setup for each part of the
application, there must be a lot of default data passing that isn't needed.
But if you can opt out of MS, then you would find that vnc of linix apps
run much better. No need to pull the entire desktop to the local machine,
just the application's display. Concider this also, you can nfs over VPN,
so each of your users machines is just a branch off your servers volume
tree, have their data volume on your server. Then if they do come into
work and log in locally, everything is as they left it when at home.
If you can go that root then you might also like to consider xoops.org
.
- Follow-Ups:
- Re: Linux (Suse) TS ?
- From: PerfectReign
- Re: Linux (Suse) TS ?
- References:
- Linux (Suse) TS ?
- From: Billy
- Linux (Suse) TS ?
- Prev by Date: Re: Upgrade Firefox 1.07 to 1.5
- Next by Date: Problem with OpenSuse 10 and CT4832 SB Live
- Previous by thread: Re: Linux (Suse) TS ?
- Next by thread: Re: Linux (Suse) TS ?
- Index(es):
Relevant Pages
|
