With the end of life coming for XP I have the task of looking at the security risk this presents to our company. I have recommended that we remove XP as it is not going to be patched and vendor support for software is going to end not long after. I have received a lot of blow back from out voice techs, that need old applications to work that are no longer vendor supported. Is there a way to secure XP mode some what? host based IPS/IDS? Am I right in thinking that XP need to not be in our environment. I am leaning towards giving the techs old XP machines with a user account and the applications they need and only connect it to an out side internet connection and the computer will not be on the domain. Is that the best option? All comments and ideas welcome
There’s nothing you can do about it – cost to replace applications overrides risk from external threats.
The route we took down was to VDI all of the copies of XP (In our case it was 2K) on a central visualization instance, and then secure the hell out of it. IDS/Layer 7 firewalls/AV/locked down/Remove Internet Access//Remove from AD/etc.
Applications can still be used, but everything going in and out of that environment is heavily monitored.
Viewing 2 reply threads
You must be logged in to reply to this topic.
– EH-Net Live!Thurs Oct 29 @ 1:00 PM US ET. Details Coming Soon!