Re: remote desktop question

• Previous message: brandon.steili_at_gmail.com: "Sender Spoofing via SMTP"
• In reply to: jordanpw: "Re: remote desktop question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 2 Nov 2005 16:31:41 -0600
To: jordanpw@gmail.com

Same rules apply. If you are giving them any kind of VPN access you're
hooking them into your network, for that reason you should make sure
they're running some kind of firewall - and I have much more faith in
an appliance based firewall than, for instance, Windows (host) based.
If you require them to get a router for their home network, odds are
good it has VPN functionality (I like linksys for the most part).

For traveling, and they're using laptops, you can use either Windows'
client or a client that comes with your endpoint. For your endpoint I
would again recommend a device as opposed to, for instance, RAS (which
would require you to either open ports in your firewall or place the
box directly on the Internet). If you use a cisco device (PIX or 3000
or other) they have a decent client for Mac and Windows, and one that
"works" for linux.

On 11/2/05, jordanpw <jordanpw@gmail.com> wrote:
> Thanks. Thinking more in terms of allowing users from multiple
> locations - home / home office etc ...
>
> Brian Loe wrote:
>
> >If connecting two sites then you would use the router/firewall at each
> >site to create the tunnel. Your performance hit will vary depending on
> >your connection speed and what you're doing via terminal services -
> >but for the most part my experience has been very good.
> >
> >SSL VPN is a very easy way to go but I've recently began question it's
> >security. If someone can perform a MITM attack on an SSL session, why
> >not an SSL VPN session? I don't know...just wondering.
> >
> >
> >
> >
> >>I see this advice often on this list. I work with very small businesses
> >>(200 users and below) where number of servers / firewalls / routers, and
> >>budgets for same, are very small. So I have some (very basic I'm
> >>afraid) questions on this subject:
> >>-- Is there not a slowness / performance hit when forcing users to
> >>access a Terminal Server via a VPN connection?
> >>-- This will require VPN client software on all client machines right?
> >>Or is the in-built MS VPN connection stuff considered acceptably secure
> >>in this scenario?
> >>-- Or should we look at SSL VPN for this?
> >>
> >>Thanks in advance for any feedback ...
> >>
> >>
> >
> >
> >
>
>

• Previous message: brandon.steili_at_gmail.com: "Sender Spoofing via SMTP"
• In reply to: jordanpw: "Re: remote desktop question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages RE: Printing from Win9x clients stops ... Open Server Management. ... then right-click the name of the computer running Windows Small Business ... >From the client computer: ... The Select Network Component Type ... (microsoft.public.windows.server.sbs) RE: Printing from Win9x clients stops ... The printers with 9x drivers on the server appeared automatically in the ... > then right-click the name of the computer running Windows Small Business ... > From the client computer: ... The Select Network Component Type ... (microsoft.public.windows.server.sbs) RE: Slow VPN logon and Spuratic folder visibility ... I understand that the remote VPN client ... network configuration. ... the VPN client can access SBS fine? ... Slow VPN logon and Spuratic folder visibility ... (microsoft.public.windows.server.sbs) Re: Group Policy access denided ... Group Policy processing aborted. ... DFS client to make a connection. ... File and Printer sharing, netbios, etc) and firewalled the external network ... NT or Windows 2000 to Windows 2003 Server. ... (microsoft.public.backoffice.smallbiz2000) Re: Outgoing VPN Error 619 ... Outbound VPN problem: ... Q1 - is the test client configured as SecureNET? ... Q2 - what do you find in the ISA logs for your tests? ... I've checked in local network rules and I do have a rule called VPN clients ... (microsoft.public.isa.vpn)