Re: Slightly OT - VPN/RWW - your preferences and recommendations?
From: John Harris (johnh_at_antispam.comptroub.co.nz)
Date: 10/18/04
- Next message: Ken Schaefer: "Re: OWA Error - The amount of traffic exceeds ..."
- Previous message: Marcelo Veiga N.: "Re: Problem with Security Groups"
- In reply to: David Elders: "Re: Slightly OT - VPN/RWW - your preferences and recommendations?"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 18 Oct 2004 15:43:13 +1300
What about setting up Terminal Services on a separate server? I believe
(Susan can probably help here) that this is secure and it caters for all
your other requirements.
As far as e-mail goes you could try RPC over HTTP. This would allow them to
view both online and offline.
As Susan said, security is only ever as good as the password so complex,
regularly changing, non repeating passwords is the go here.
-- John Harris (Harry) Computer Troubleshooters - Hornby Christchurch New Zealand "David Elders" <david_elders@hotmail.com.nospam> wrote in message news:eQY43PKtEHA.3320@TK2MSFTNGP15.phx.gbl... > Hi Susan, > > You must be going for a Guinness record of 'most first answers to queries > in > newsgroups'! > > Thanks for the heads up on that - wasn't even aware of that option to be > honest. Am interested in whether there are technical preferences > security-wise to either PPTP or more likely IPSEC for the VPN side of > things. I've always kinda held the view that I'd prefer not to open > ANYTHING > up until there is a secure VPN connection in place. Again, from a purely > security point of view, is that more or less secure than using RWW > [assuming > password side of things is properly managed, obviously] > > I'd like to sort out a properly layered approach to this: > Most secure form of remote access [dial-in is obviously direct to the SBS > box itself whereas VPN is encrypted across a public medium] > Most secure form of authentication [PPTP/IPSEC - thinking IPSEC is the way > to go?] > Ensuring greatest overall security [your link addresses that I think!] > Most secure form of email usage [OWA?] > Etc > > Incidentally, came across this the other day - thought it might be of > interest: > http://blogs.msdn.com/robert_hensing/archive/2004/07/28/199610.aspx > ...which is by an MS tech guy who is proposing using pass-phrases as > opposed > to passwords - interesting reading to say the least. > > Again, thanks for the quick response. > > Cheers, > > > > David > > PS - I owe you a Mountain Dew for that one! :-) > > > > "Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]" <sbradcpa@pacbell.net> > wrote in message news:ue31$$JtEHA.3324@TK2MSFTNGP15.phx.gbl... >> PPTP's security is just as good as or as bad as a password. >> >> The better question is what data are they protecting and what clients >> are connecting in? >> >> You have to have XP workstations behind that SBS to have RWW. >> >> If all of those workstations are remote... I'd be spending my time >> getting the network quarantine feature of Windows 2003 working rather >> than worrying about IPsec. >> >> >> > http://download.microsoft.com/download/0/7/e/07ed1953-0ab5-41ea-b5da-41cf8bb > 9cdae/Quarantine.doc >> >> David Elders wrote: >> > Hi all, >> > >> > Looking to guage some opinion on the following set-up and your views on > the >> > Pros/Cons for the various options: >> > >> > SBS2K3 Premium with 2 NICs - NAT'ing Router - Broadband >> > NO local clients - ALL clients will be remotely located with most being >> > mobile [laptops] >> > Probably not more than 20 clients in total with no more than 2/3 > concurrent >> > connections >> > Ideally, most clients will connect via Broadband although potential for > 56k >> > dial-up will mean that option almost certainly has to be there also... >> > Email access required remotely - email would only be INTERNAL however >> > Possibly/Likely central Sharepoint website access required remotely >> > Possibly access required to central files, although this is less likely > or >> > central to things >> > >> > Customer is concerned with security of their data in terms of all the >> > clients being remotely located and is leaning [at this early stage, at >> > least] towards OWA for Email rather than Outlook either downloading >> > from >> > Exchange or synching with it [i.e. remote clients would only have >> > access > to >> > their email whilst connected] >> > >> > Firstly, would the consensus be to opt for VPN [I'm assuming IPSEC > rather >> > than PPTP] or Remote Web Workspace? The customer will probably opt for >> > whichever method provides the greatest level of security and central >> > control. >> > >> > Thanks in advance for any and all opinions, comments and > recommendations! >> > >> > Regards, >> > >> > >> > >> > David >> > >> > >> >> -- >> http://www.sbslinks.com/really.htm >> http://www.msmvps.com/bradley >> https://www.ecora.com/ecora/jump/pm99.asp > >
- Next message: Ken Schaefer: "Re: OWA Error - The amount of traffic exceeds ..."
- Previous message: Marcelo Veiga N.: "Re: Problem with Security Groups"
- In reply to: David Elders: "Re: Slightly OT - VPN/RWW - your preferences and recommendations?"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
