
VPN cards? Or an alternative to locking a PC onto a VPN

Mark R

Diamond Member
I'm planning a business idea, where employees would install a corporate workstation at their home.

The workstation needs to connect to the corporate LAN over VPN, and obviously the workstation will be suitably locked down with group policies, yada, yada.

However, I'm wondering what the practicalities are, particularly as I want the workstations protected against the potentially hostile environment of the home LAN. So I'd prefer that the OS has absolutely no visibility of the home LAN, just the VPN (in order that threats known and unknown can be mitigated).

Is there something like a VPN card - which you just plug into a regular ethernet with internet connectivity?

Alternatively, would a hardware VPN router be a better idea? And if so, how do I prevent the workstation from being able to "see" the home LAN if the employee decides to play switcheroo (and similarly, how can I prevent the VPN router from providing VPN connectivity to the employee's personal machines). Presumably, a decent VPN router would provide IPsec, which would provide the necessary security.

However, I'm really not too sure what sort of stuff is on the market for the SME segment.

Any ideas on the feasibility of this project?
 
As I understand it, there are specific TCP/IP or Internet Protocol Suite protocols for VPNs. Many utilise tunnelling, so it sits on top of or piggybacks existing Layer 1 links.

The firm's IT Dept. would sort out security issues, to make sure nobody would tap into the tunnel, or on the host end.
 
I am pretty sure Microsoft DirectAccess does this already. Depending on how you set the workstation policy of course.
 