Which remote desktop protocol to choose for a potentially malicious server (linux)

I am trying to “outsource” potentially dangerous applications such as web browsing to a separate Linux machine sitting in its own network segment and which is isolated by a rigorous network firewall from our internal network, thus I am trying to build a “remote-controlled browser”. Since I am in the early planning phase, I wonder which remote protocol to choose best for remote access to such a machine. I have to deal with a potentially malicious server and I want to protect the client (Windows or Linux) which accesses it.

Which remote control protocol would you recommend for a small attack surface? I can think at the moment of

  • RDP
  • VNC
  • SPICE (from the proxmox hypervisor)
  • NX (Nomachine)
  • X2GO
  • XPRA via HTML5

It is clear that the more lightweight a protocol is, the more suitable it is. However, I would prefer to be able to also stream video + audio over it (which might rule out some protocols).