Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Remote Access

1 view
Skip to first unread message

Hollera...@gmail.com

unread,
Aug 9, 2006, 2:51:36 PM8/9/06
to
Hi,

I am the IT Administrator for a new company and am currently making my
proposal for what I need us to get off and running. We just moved into
a building and we need to have remote access back to the corporate
network.

We have outsourced our website development to a consulting company and
they recommended for remote access to stick a Windows Server 2000 box
in the DMZ off of my firewall and running Terminal Services on it, then
authenticate that against the domain controller. THis will allow me to
buy a cheaper firewall that will cannot terminate VPN's. My vote is
for VPN's and a little bit heftier firewall (Cisco ASA) and even after
we purchase a box for windows 2000 to run in the DMZ, it is almost the
same cost anyway.

My question is, would the RDP to the TS box be as good as running VPN's
and if not, what would I be losing? We are just talking client to site
connections for travelling employees.

Thanks for any help.

-Kevin

www.BradReese.Com

unread,
Aug 10, 2006, 6:10:57 PM8/10/06
to
Hi Kevin,

Please call End-User Cisco Pre-Sales Support Toll Free:

877-235-5477

or Email:

sales_enquiry *at* external.cisco.com

Cisco is very good at this.

Sincerely,

Brad Reese
BradReese.Com - Global Cisco Systems Pre-Sales Support
http://www.bradreese.com/contact-us.htm#CISCO
1293 Hendersonville Road, Suite 17
Asheville, North Carolina USA 28803
USA & Canada: 877-549-2680
International: 828-277-7272
Fax: 775-254-3558
AIM: R2MGrant
BradReese.Com - Cisco CraigsList Job Openngs
http://www.bradreese.com/craigslist-networking-jobs.htm

K.J. 44

unread,
Aug 16, 2006, 9:12:31 AM8/16/06
to
Brad,

I emailed the email address but no one ever got back to me.

christian koch

unread,
Aug 16, 2006, 9:46:38 AM8/16/06
to
> My question is, would the RDP to the TS box be as good as running VPN's
> and if not, what would I be losing? We are just talking client to site
> connections for travelling employees.
>
> Thanks for any help.
>
> -Kevin

Kevin,

I can only give you my opnion here, but I'd deploy a firewall and vpn,
and if you want to access desktops you can the run remote desktop over
the vpn which is being safer anyways.

If you were to just run RDP, you would have to tunnel over SSH, RDP is
prone to MITM attacks and extra security never hurts when it comes to
protecting your assets.

christian

K.J. 44

unread,
Aug 16, 2006, 10:06:17 AM8/16/06
to
Christian,

Thanks! You and I are on the same page, just have to convince the
penny crunchers, though they are very concerned about security so
hopefully it won't take too much.

Thanks.

christian koch

unread,
Aug 16, 2006, 10:12:34 AM8/16/06
to
np Kevin,

the easiest way i've found to convince the suits is to show them real
world examples..

show them how easy it is for certain security examples to be breached

i have a link somewhere for RDP MITM if you would like

K.J. 44

unread,
Aug 16, 2006, 10:49:25 AM8/16/06
to
Christian,

I appreciate that. i found an article that described the exact way and
I included it in my proposal, however, the article was written a couple
years ago so I wasn't 100% sure of its validity.

http://www.oxid.it/downloads/rdp-gbu.pdf.

Thanks.

christian koch

unread,
Aug 16, 2006, 10:56:49 AM8/16/06
to
ha yeh thats the one I was going to link

also check out http://www.securiteam.com/windowsntfocus/5EP010KG0G.html

it is only from last year

0 new messages