Re: RDP, RWW and VPN difference
- From: "Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]" <sbradcpa@xxxxxxxxxxx>
- Date: Tue, 15 Aug 2006 23:25:19 -0700
And I don't do Outlook over http as I don't want data on those laptops as that is not an acceptable risk. So to each his own :-)
Reporting features and patch management on that ISA is why.
Leythos wrote:
In article <O1ZLSzLwGHA.3392@xxxxxxxxxxxxxxxxxxxx>, les.connor@xxxxxxxxxxxx says....I'll give you this ....
It's great to see a security expert installing SBS, and bringing what he knows to his implementations and to the community. Good work Leythos.
I'm by no means an expert, but I have a lot of experience and no compromised managed clients, since the 70's (not that we had malware to worry about then).
For the vast majority of the rest of us, a security expert that's more than smoke and mirrors is hard to find - perhaps even impossible. In that position, and considering that RWW works 'out of the box', and is inherently more secure than the 'default' VPN some might fall into - I'd give kudo's to SBS DEV as well :-).
I love the idea of RWW and the services that SBS offers, in fact, I moved my company to SBS 2003 Prem on a nice server and removed three other Win 2003 Std servers we were using for the same functions. I've not permitted port 4125 acccess, but we don't do RWW at our company.
I have implemented Outlook over HTTPS at all clients now that I've had time to test it, and it's great as most clients don't restrict HTTPS in their companies (most companies don't block HTTPS outbound).
I would think that we, as a community, need to educate everyone on the Myth about NAT appliances being Firewalls and that there are solutions that provide proper security that many of the kids today are missing because of marketing hype. I always cringe when I hear someone say "My Firewall" or "I have a firewall", when all they really have is a pretty NAT Router that some marketing person packaged as a Firewall.
No matter what we say, Remote Web Workplace is the single most talked about and valuable feature in SBS, and that's from the end customers point of view :-).
I agree, it's great, and I think it's a very valuable solution for a common problem. I just don't like single authentication for something as critical as a BUSINESS solution.
I also don't like it when people say that a VPN is exposing their entire network or is less secure - when it would appear that they don't understand the scope of solutions available to people that use/design VPN's. VPN's come in many solutions, but the good ones offer full control of all traffic being passed through the VPN, only the cheap ones don't offer that.
That being said, I loved SBS, but I'm still taken back when people call NAT appliances firewalls - and I can't understand how something like ISA on the same box would still have a recommendation of at least a NAT Appliance to act as the first barrier - since ISA is suppose to be a firewall. Give me a Firewall Appliance (or dedicated Firewall server) and a single NIC solutions over a Dual NIC any day :)
- References:
- Re: RDP, RWW and VPN difference
- From: Charlie Russel - MVP
- Re: RDP, RWW and VPN difference
- From: Charlie Russel - MVP
- Re: RDP, RWW and VPN difference
- From: Les Connor [SBS Community Member - SBS MVP]
- Re: RDP, RWW and VPN difference
- Prev by Date: Re: RDP, RWW and VPN difference
- Next by Date: Re: RDP, RWW and VPN difference
- Previous by thread: Re: RDP, RWW and VPN difference
- Next by thread: Re: RDP, RWW and VPN difference
- Index(es):
Relevant Pages
|
