Re: RDP, RWW and VPN difference
- From: "Les Connor [SBS Community Member - SBS MVP]" <les.connor@xxxxxxxxxxxx>
- Date: Tue, 15 Aug 2006 17:47:36 -0500
I'll give you this ....
It's great to see a security expert installing SBS, and bringing what he
knows to his implementations and to the community. Good work Leythos.
For the vast majority of the rest of us, a security expert that's more than
smoke and mirrors is hard to find - perhaps even impossible. In that
position, and considering that RWW works 'out of the box', and is inherently
more secure than the 'default' VPN some might fall into - I'd give kudo's to
SBS DEV as well :-).
No matter what we say, Remote Web Workplace is the single most talked about
and valuable feature in SBS, and that's from the end customers point of view
:-).
--
Les Connor [SBS Community Member - SBS MVP]
-----------------------------------------------------------
SBS Rocks !
----------------------
"Tell me and I'll forget. Show me and I'll remember. Involve me and I'll
understand." - Confucius
"Leythos" <void@xxxxxxxxxxx> wrote in message
news:%njEg.53432$vl5.4027@xxxxxxxxxxxxxxxxxxxxxxxxx
In article <OzgxI6CwGHA.4140@xxxxxxxxxxxxxxxxxxxx>,
charlie@xxxxxxxxxxxxxxxxxxxxxxx says...
What Susan said. ;)
Seriously - I've yet to see virtually anyone implement VPN any other way
than the default. And for that implementation, I definitely prefer RWW.
And,
when I add in Dana's two factor authentication, with one-time passwords,
I
like that a whole lot better still.
What is the default?
It really comes down to what you know and what hardware you have
experience with.
Just because you don't have a lot of security experience doesn't mean
you can't learn from those that do.
A cheap D-Link DFL-700 router/firewall (under $300) will act as a PPTP
Server and allow you to create groups/users on it, then allows you to
restrict those VPN sessions to specific ports/IP in the network.
Before SBS and RWW we use to work with VPN's all the time, nothing has
changed in all these years. What we see now are people that don't
experience the real security devices and are using NAT Routers as
firewalls and they've lost all the quality features of firewwalls by
doing so.
I like the idea of a OTP, but, since I've already got a firewall at
EVERY Clinets location, I don't need to add anything to SBS (or any
Windows Server network) to provide two pass authentication.
Oh, and if you are using a real firewall you get other benefits:
Attachment stripping in the inbound SMTP Session, removal of bad headers
from inbound SMTP, removal of some detected bad items from inbound SMTP
sessions, email size limiting, removal of bad things from HTTP Sessions,
removal of download items from HTTP Sessions (by file type), blocking of
Active-X, etc....
I'm not trying to start an argument, but you guys really need to see
that there was an existing and proven method that worked/works as well
or better than RWW (as packaged with SBS) when properly implemented.
--
spam999free@xxxxxxxxxx
remove 999 in order to email me
.
- Follow-Ups:
- Re: RDP, RWW and VPN difference
- From: Charlie Russel - MVP
- Re: RDP, RWW and VPN difference
- References:
- Re: RDP, RWW and VPN difference
- From: Charlie Russel - MVP
- Re: RDP, RWW and VPN difference
- From: Charlie Russel - MVP
- Re: RDP, RWW and VPN difference
- Prev by Date: Re: Disaster - Small Business Server Backup does not restore
- Next by Date: Re: favorites doesn´t save on server
- Previous by thread: Re: RDP, RWW and VPN difference
- Next by thread: Re: RDP, RWW and VPN difference
- Index(es):
Relevant Pages
|
Loading
