I would never, ever, allow non-company-managed PCs to connect to our VPN. As
you think, that's just asking for all kinds of trouble.

 

Since most of your home users won't have MS Office on their home PCs,
they'll get more done if you give them TS access to your standard corporate
suite of applications. I'm not sure how you could give the users RDP to
their actual desktop PCs if the PCs are in a moving van headed to your new
offices.

 

-Malcolm

 

From: David Lum [mailto:david....@nwea.org] 
Sent: Wednesday, November 10, 2010 15:17
To: NT System Admin Issues
Subject: Terminal Server or VPN?

 

In a few weeks (Dec 17th) we'll be having a massive "work from home" day
(200-ish users, because we're moving our office to a different city) and we
have the option of standing up some Terminal Servers or just running with
VPN. Most users are expected to just want MS Office apps and Internet
Explorer. Several (a couple dozen) will also want RDP access to their
desktops. 

 

We have 3 TS servers now (1 2K8, 2 W2K3) but have the capability to stand up
more 2008 TS servers. I have no experience setting up TS farms or getting
them available for ability to his via Internet, although both of these
appear to be pretty straightforward. I am also under the impression that TS
via Internet uses less bandwidth than a straight-up VPN connection.

 

VPN is already established but we'll certainly have many users using their
home PC that don't currently have VPN configured and would much rather have
them connect via Terminal Server than install, configure and then connect an
unknown system  - from a security/patched/AV standpoint - to VPN.

 

I think it's kind of six of one half dozen of another as far as overall
effort, but I REALLY don't want unmanaged home PC's connecting via VPN.

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Reply via email to