No matter how bad you have it someone else has it worse.
In order to do my job I have to log into the VPN, and then remote desktop onto a server, then from that server remote desktop onto another server. Then I have to go back to the first remote desktop and remote desktop onto a different server which from there I can remote desktop onto two other servers, on one of those servers there are two different log ons which I can use to do different tasks.
Then back on the main desktop I can remotely connect via web browser to a virtual machine that I can then remote desktop onto a server. If I want to change the password on that server I have to remote desktop from that remote desktop from that virtual machine, into a remote desktop.
Oh and then there is the web app that I have to use that only works in Internet Explorer, but for security reasons IE has been removed from the main system, so I have an entire remote desktop literally just to use Internet Explorer.
It takes about 25 minutes to log into everything everyday and about 10 minutes to log out at the end of the day.
Fuck, and here I thought AGS progressive controllers were bad. Remote desktop into the controller using a commonly known username and password to get a “salt”, “hash code”, “iterations”, “password length”, and “server name”. Enter all that onto a website that has to be logged in to, all to get a generated password which is used to remote desktop desktop into the same progressive controller under a different account. Password changes every 24 hours. Oh, and did I mention that this is typically done on an active casino floor? Good times.
No matter how bad you have it someone else has it worse.
In order to do my job I have to log into the VPN, and then remote desktop onto a server, then from that server remote desktop onto another server. Then I have to go back to the first remote desktop and remote desktop onto a different server which from there I can remote desktop onto two other servers, on one of those servers there are two different log ons which I can use to do different tasks.
Then back on the main desktop I can remotely connect via web browser to a virtual machine that I can then remote desktop onto a server. If I want to change the password on that server I have to remote desktop from that remote desktop from that virtual machine, into a remote desktop.
Oh and then there is the web app that I have to use that only works in Internet Explorer, but for security reasons IE has been removed from the main system, so I have an entire remote desktop literally just to use Internet Explorer.
It takes about 25 minutes to log into everything everyday and about 10 minutes to log out at the end of the day.
Thanks for the aneurysm. I feel for you.
Oh ffs I got annoyed just reading the comment I can’t imagine the hell of having to do that
You clearly don’t work in an OT environment. Network segmentation is everything.
I bet the security “experts” who designed this are busy jerking each other off about how “secure” they’ve made everything
Fuck, and here I thought AGS progressive controllers were bad. Remote desktop into the controller using a commonly known username and password to get a “salt”, “hash code”, “iterations”, “password length”, and “server name”. Enter all that onto a website that has to be logged in to, all to get a generated password which is used to remote desktop desktop into the same progressive controller under a different account. Password changes every 24 hours. Oh, and did I mention that this is typically done on an active casino floor? Good times.
But why though
I’m not op, but It’s probably an isolated network with only one computer that has access to both the isolated network the th general network.
The restricted network (with the production or sensitive servers) has no direct Internet access and often no direct route from a corporate LAN.
There’s one “jump host” or “bastion” system that does have connectivity to that restricted segment.
Administrators connect to that jump host (often over RDP, sometimes SSH or a virtual desktop) from the normal network.
Once on the jump host, they can manage the internal systems inside the isolated network.