What tools can limit users' acess to applications and network resources?

Ask the Expert

What tools can limit users' acess to applications and network resources?

I have SharePoint sites that are being accessed by the public (vendors, consultants, etc). They require an account in Active Directory for authentication. Can you suggest how to set the accounts so that on-site users cannot log in to the network?

Continue Reading This Article

Enjoy this article as well as all of our content, including E-Guides, news, tips and more.

By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Safe Harbor

It almost sounds like an SSL VPN would do the trick. An SSL VPN creates a secure tunnel over an HTTP connection. Unlike an IPsec VPN, which is a hardware product configured on a specialized router, an SSL VPN is a Web-based application.

Another key difference between the two VPNs is that an IPsec VPN connects a client, or workstation, to a network. An SSL VPN connects an individual user to an application. The SSL VPN can be finely tuned to only allow outside vendors and consultants access to specific applications, rather than the whole network.

Two well-known vendors of SSL VPNs are Juniper Networks Inc. and Aventail Corp.

Alternatively, you could set the group policy objects (GPO) within Active Directory for outsiders logging in. GPOs can be set to limit specific users' access to network resources, while allowing access to specific files containing the applications they need.

Either approach -- the SSL VPN or setting the GPOs -- can provide you limited access requirements.

More information:

  • Read a book chapter on VPNs and encryption.
  • Learn the costs of maintaining a VPN.
  • This was first published in December 2006