Andrew this is actually my thinking. Licensing is quite cheap (under $2K for 100 seats), a purchase req got submitted this week - I am fortunate that $2K is quite small beans in light of the other costs of this move.
My next question is - given an 8CPU 64Gb RAM host system (times two), does it make sense to have more than 1 TS Server VM per physical host? ESX is the VM host softwware, so I don't know if it make sense to have 1 monster 64-bit VM per physical system or have 2-3 per. I'm thinking one big TS VM per side saves overhead of additional VM systems. Thoughts, comments? I do have the 2008 TS Resource Kit and while excellent, it doesn't cover VM's thoroughly enough to answer that question. I have TS Web access working internaly, and a basic TS 2K8 server up, the practice I don't have is TS Gateway. I think I can get there in 3-4 weeks and have some testing time, but we'll see... Dave ________________________________ From: Andrew S. Baker [asbz...@gmail.com] Sent: Wednesday, November 10, 2010 2:58 PM To: NT System Admin Issues Subject: Re: Terminal Server or VPN? Sometimes you don't really have a choice, as it makes good business sense to allow it. A VPN can be configured to allow appropriate-only access. It does not have to be synonymous with a free-for-all connection. The TS solution has licensing implications, as well. Hopefully, 5 weeks is enough time for you to get the nuances of this solution in place. I would recommend ensuring that the VPN is a viable plan B, in case there are some issues. I can almost foresee that you'll be supporting both on the 17th... ASB (My XeeSM Profile)<http://XeeSM.com/AndrewBaker> Exploiting Technology for Business Advantage... On Wed, Nov 10, 2010 at 4:49 PM, Malcolm Reitz <malcolm.re...@live.com<mailto:malcolm.re...@live.com>> wrote: I would never, ever, allow non-company-managed PCs to connect to our VPN. As you think, that’s just asking for all kinds of trouble. Since most of your home users won’t have MS Office on their home PCs, they’ll get more done if you give them TS access to your standard corporate suite of applications. I’m not sure how you could give the users RDP to their actual desktop PCs if the PCs are in a moving van headed to your new offices. -Malcolm From: David Lum [mailto:david....@nwea.org<mailto:david....@nwea.org>] Sent: Wednesday, November 10, 2010 15:17 To: NT System Admin Issues Subject: Terminal Server or VPN? In a few weeks (Dec 17th) we’ll be having a massive “work from home” day (200-ish users, because we’re moving our office to a different city) and we have the option of standing up some Terminal Servers or just running with VPN. Most users are expected to just want MS Office apps and Internet Explorer. Several (a couple dozen) will also want RDP access to their desktops. We have 3 TS servers now (1 2K8, 2 W2K3) but have the capability to stand up more 2008 TS servers. I have no experience setting up TS farms or getting them available for ability to his via Internet, although both of these appear to be pretty straightforward. I am also under the impression that TS via Internet uses less bandwidth than a straight-up VPN connection. VPN is already established but we’ll certainly have many users using their home PC that don’t currently have VPN configured and would much rather have them connect via Terminal Server than install, configure and then connect an unknown system - from a security/patched/AV standpoint - to VPN. I think it’s kind of six of one half dozen of another as far as overall effort, but I REALLY don’t want unmanaged home PC’s connecting via VPN… David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin