terminal server & spyware e.t.c what do you use

[craybox]

we are running a terminal server which will shortly be host to about 30 users.

I am concerned like everyone about spyware e.t.c. and wonder what corporate type solutions are available.

obviously at home we all make sure that spybot, pestpatrol or whatever are loaded. but what about 30 users browsing the net on their remote session? content controll application needed?

secondly what about browsers in remote desktops, is 20 instances of firefox gonna consume too much memory ?

thanks in advance

[NorthWoodsman]

Most people won't browse the Internet over RDP, I mean, it's assumed that if they're using Remote Desktop they probably have the Internet on their PCs (if not, you may want to question why the terminal server has Internet access but those same users don't)

[Kasandoro]

Do yourself a favor and put policies in place that do not allow internet explorer (or any other browser) to run on the terminal server. The LAST thing you want is spyware/adware on your server...I speak from experience...

[craybox]

thanks for the feedback people. Now, I understand the problem here the trouble is convincing other people about the problem.

Does anyone have any references to sites that contain info to back up the fact that its basically not a good idea !?

[+orgitnized Subscriber¹]

If you are the admin, you need to do the convincing. Don't rely on other informative sites to do it for you. You know what spyware, malware, crapware, etc. is. Explain it to them in your words to your users. Especially if they are the ones that need to use the server.

From a corporate solution standpoint, Sunbelt Software's CounterSpy is a nice one to use on servers. Honestly I haven't used it in a Terminal Service environment. The only thing up in the air is what's going to happen to the software if/when Microsoft decides not to allow them to share the definitions anymore, since Giant supported CounterSpy.

Or we wait and see what happens with Microsoft's Enterprise version of their AntiSpyware utility which should work quite well.

[.Kompressor]

Here's the simple thing to do.

If it's a Terminal Application Server that you have setup to let everyone log on and use specific applications. Then you can set it up so that only those Applications are accessible to them.

You can install the client in Administrator mode on their workstations then Create Shortcuts to Run each of the applications they need and that's it. They will not be allowed to run anything else like IE or download.