How to secure a VM while allowing customer RDS (or equivalent) access to its desktop

Posted by ChrisA on Server Fault See other posts from Server Fault or by ChrisA
Published on 2010-11-23T16:15:00Z Indexed on 2011/02/08 7:27 UTC
Read the original article Hit count: 177

We have a Windows Client/(SQL-)Server application which is normally installed at the customer's premises.

We now need to provide a hosted solution, and browser-based isn't feasible in the short term.

We're considering hosting the database ourselves, and also hosting the client in a VM. We can set all this up easily enough, so we need to:

  • ensure that the customer can connect easily, and also
  • ensure that we suitably restrict access to the VM (and its host, of course)

We already access the host and guest machines across the internet via RDS, but we restrict access to it to only our own internal, very small, set of static IPs, and of course theres the 2 (or 3?)-user limit on RDS connections to a remote server.

So I'd greatly appreciate ideas on how to manage:

  • the security
  • the multi-user aspect.

We're hoping to be able to do this initially without a large investment in virtualisation infrastructure - it would be one customer only to start with, with perhaps two remote users.

Thanks!

© Server Fault or respective owner

Related posts about virtualization

Related posts about hosting