Task :
You need to give an external user VPN Connectivity to work for you but you want him/her to Save any type of Document on his own machine because the data is Highly Confidential for the Company.User must be granted Remote Desktop Only One of the most Advance and Secure Feature of Windows 7 has the Advance Security it provides making the Life of "System Administrator" easier.
Solution :
Steps to Block Sharing and Internet Access on a Windows 7 Machine.
For Outgoing Connection Block the Following on Windows 7
Machine.
- - Disable WorkStation Service.
- - Disable Netlogon Service.
- - Disable
Computer Browser Service.
O Open Services Tab and Stop the Following Services.
Disable "WorkStation" Service.
Disable "Browser" Service.
Disable "Netlogon" Service.
This will Block all outgoing Connection from the Source Machine, Netlogon Service is required for Network Sharing.
Now for Incoming Connections Follow these Steps.
Go to Manage Advanced Sharing Connection.
- - Disable all Options on all networks (
Public,Home,Domain).
- Only leave the Network Discovery Option set to
“ON” for Remote Desktop.
At Command Prompt Enter the Following Command :
Manage Advance Sharing Settings
Disable all the options except the Network Discovery ( This option is used for Remote Desktop Connections ).
Your Network is now safe from Incoming and Outgoing Sharing.
But still user can Send file through Internet, so for that we need to disable internet settings if you are running any Proxy Server. Also Disable TCP/IP Settings.
Now restart your Computer or run the following Command :
gpupdate/force
This will do the task Complete.
Note :-
Just add the User to Remote Desktop Users Group Only, by default a new user in Windows 7 is also in Administrator Group. Remove The user also from Administrator Group.