undefined | Better HN

0 pointstacticus1y ago0 comments

This is the practice in many government sites these days.

Except the vm is some old windows version without any tools on it. no shell access.

can't actually do anything useful on there at all.

VDI systems could work if implemented properly. but that's the last thing a security team actually wants to do.

0 comments

VDI is actually preferred by our security teams, because they have complete deep packet inspection on literally all traffic going in and out.

On our laptops, there are still some flows that avoid the vpn etc..

j / k navigate · click thread line to collapse

0 pointstacticus1y ago0 comments

This is the practice in many government sites these days.

Except the vm is some old windows version without any tools on it. no shell access.

can't actually do anything useful on there at all.

VDI systems could work if implemented properly. but that's the last thing a security team actually wants to do.

VDI is actually preferred by our security teams, because they have complete deep packet inspection on literally all traffic going in and out.

On our laptops, there are still some flows that avoid the vpn etc..

j / k navigate · click thread line to collapse