Creating a DMZ for remote desktop

5 pts.
Tags:
DMZ
Remote desktop
I'm working on a project where I need to create a DMZ for remote desktop access. Unfortunately, I was not in on the planning and can't order any hardware or software that wasn't already purchased. I was able to convince the team to use a dual firewall DMZ but they purchased two ASA 5515-x instead of 1 from two different vendors.
I'm okay with the setup but I'm stuck on one part in the planning. I have two types of users accessing files on a share that's not a part of the DMZ. I have users that are actual employees, I'll use a gateway to access files on that share. But I also have contractors who'll need access to files on that share too. Because the files are confidential I can't place the share in the DMZ.
What's the best way to have contractors access those shares without placing it in the DMZ. I'll have the contractors on a completely separate server that is in the DMZ. I'm just not sure how to give that contractor server access while still being secure as possible.


Software/Hardware used:
ASA 5515-X; Server 2012 R2

Answer Wiki

Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Kevin Beaver
    Could you use a remote desktop server to facilitate that access? Perhaps a VPN connection into a protected area of the network or cloud-based file sharing service would suffice?
    26,480 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.

Following

Share this item with your network: