Home page logo

basics logo Security Basics mailing list archives

RE: terminal server security vs vpn
From: "Brent Kern" <bkern () sib ok gov>
Date: Tue, 14 Aug 2007 08:38:10 -0500

We went through this at our government agency and the remote desktop client is 128bit encrypted.  We found it on 
Microsoft's website, terminal server seemed to be the most logical solution with the least administrative overhead.

Brent Kern
IT Network Management Specialist

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Chris Barber
Sent: Monday, August 13, 2007 2:18 PM
To: Juan B
Cc: security basics
Subject: Re: terminal server security vs vpn

If you use SSL-VPN you will not need a client, or at worst you will
not be required to install a client before you can make the
connection.  The only thing needed from that standpoint is a browser.
This makes VPN more "Web Like" and easier on the user, without
compromising your security.  i would contact one of the loacl
resellers in your area and ask for a demo

Cisco, Juniper, Aventail and Checkpoint all have SSL-VPN solutions
that are quite nice.  I prefer the Juniper myself.

Hope this helps

On 8/13/07, Juan B <juanbabi () yahoo com> wrote:

I am looking for a solution to my users so they can
log in from home and work connect to there office
pc's, of course I will use terminlal server.

My question is, why to use double encryption, why use
vpn client to connect to the corporate FW and then to
connect throw it with a ts session, AFAIK Ts is
encrypted as well and one can set the encryption to
high which is the same as VPN right?

I want to nake the connection simple to the user and
securure. do I need also a vpn client, I guess not, am
I missing something here?

I will also change the port to increase security.

Thanks a lot,


Need a vacation? Get great deals
to amazing places on Yahoo! Travel.

The contents of this electronic message, including attachments, are 
transmitted by the Oklahoma State and Education Employees Group Insurance Board,
an Oklahoma government agency according to the Uniform Electronic Transactions Act,
12A O.S. 15-101 et seq.  This message is intended for use by the named addressee 
only and may contain information that is confidential or private according to state 
or federal laws.  If you have received this electronic message in error, please notify
the sender by a reply to sender only message, delete it completely from your computer 
and maintain confidentiality of the message. Any unauthorized disclosure, distribution, or 
use of the contents of this message is prohibited and subjects the user to penalty of law.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]