Re: Remote Desktop from home to Access corporate network resources

From: "Steven L Umbach" <n9rou@xxxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Mon, 13 Mar 2006 19:13:45 -0600

One could certainly argue that it is secure enough particularly if the
firewall only accepts connections from the public IP addresses of home users
[which may not be possible if they have dynamic IPs] and the computers are
configured with the security option to be FIPS compliant [which may break
things like access to secure websites] and using TLS. However the cost may
be relatively low to use a VPN with L2TP relative to the benefits which
requires that the computers authenticate with the VPN server via computer
certificates before a VPN session can be established which will do a lot to
keep others from trying to access your RDP opening in the firewall. Then you
will have your RDP sessions through 3DES ipsec via L2TP which is more
secure. But again it is very hard to say what is secure enough. If lives or
the survival of the business depend on the confidentiality of the data then
I would certainly suggest using L2TP VPN. The more valuable the target the
harder attackers will try to access the data. The link below explains all
the current options for securing RDP with W2003/XP Pro. --- Steve

http://technet2.microsoft.com/WindowsServer/en/Library/a92d8eb9-f53d-4e86-ac9b-29fd6146977b1033.mspx

"Doug Fox" <dfox138-no-spam@xxxxxxxxxxx> wrote in message
news:urnFOUuRGHA.4956@xxxxxxxxxxxxxxxxxxxxxxx

How secure it is to use the Remote Desktop instead of Client to Site VPN
or SSL VPN from home to access Corporate data network?

A colleague argues that Remote Desktop is secure engouth which is using
remote desktop protocol RDP which uses RC4 to encrypt data.

Any comments/suggestions are appreciated.

Thanks again,

DF

References:
- Remote Desktop from home to Access corporate network resources
  - From: Doug Fox

Prev by Date: Re: how to prevent a user from installing software?
Next by Date: What is an ideal architecture for OWA?
Previous by thread: Remote Desktop from home to Access corporate network resources
Next by thread: What is an ideal architecture for OWA?
Index(es):
- Date
- Thread

Relevant Pages

How secure is VPN access?
... The way we work here is there is a firewall after the VPN endpoint so we ... To our knowledge this is the most secure way we can do it to prevent the ... require remote access to help ensure network security. ...
(Security-Basics)
Re: Firewall advice required please
... It provides a secure frontend ... and air-gap is the only product we carry. ... no other firewall can touch. ... Provide secure access without a VPN from any web browser (this greatly ...
(comp.security.firewalls)
RE: VPN and Security
... VPN is as secure as how well it is implemented and used. ... and production network, wheat are we really looking at. ... Any one give home users ...
(Security-Basics)
RE: VPN and Security
... Do you mean for a more secure setup he should split tunnel? ... the split tunneling makes me think 'less secure' precisely ... network printer or accessing a share on the file server at the office. ... Subject: VPN and Security ...
(Security-Basics)
Re: Another RWW versus VPN question
... Sarbanes Oxley and all other regulations are silent as to technology. ... One could argue that after the CISCO/Michael Lynn Blackhat/Vegas issue that Cisco isn't that secure. ... With VPN access, the data could be pulled over the wire to my home users, they "could" introduce more risk to my network if they are not patched, updates and protected. ... I have a client that recently had a programmer from a large security based company come by and demo the Access database he is working on for them. ...
(microsoft.public.windows.server.sbs)