2
The following setup:
I would like to add a machine (running windows server 2008 r2) to our home network, such that this machine has access to the internet, and such that it can be accessed (with full admin rights) from outside (another country in particular) through RDP. I want to give RDP access to some people who shall maintain some things for me on this machine and perform some work on it on a regular base. They also should have full admin rights to install on this machine whatever they need. Now - I trust these people regarding the tasks they shall perform, but not as much as I would want to sacrifice the security of the private data on the other machines within this network (especially the computers of my family members).
so - the requirements are:
- machine running windows server, physically located at my homeplace (because I need regular physical access to it, as it has some testing devices connected to it)
- RDP access with full Admin Rights to this machine from outside the home network
- no added security risk for other computers in the home network
Is there a way to isolate this machine on a network base, such that it can be accessed through the internet, but cannot communicate with other machines within the home network?
any tips are welcome
That heavily depends on many factors (i.e. the infrastructure and devices at your disposal). First and foremost you need a public IP for the server to make it accessible from outside. So depending on how many public IPs you have different scenarios are possible. It's going to be easiest if you have a spare public (if possible fix) IP for the server. Do you have that? And what else do you have in your network (router(s), firewall(s), ...)? And are you more concerned about the authorised people doing weird things or unauthorised people getting access to your Windows box? – scherand – 2013-02-23T12:24:49.333
You would most likely get a better answer from the security page – Griffin – 2013-02-24T05:31:44.997