• United States

SSL VPN vs. Windows Remote Desktop for remote access

Mar 20, 20062 mins
ComputersNetwork SecurityRemote Access

What would be a more secure way to provide remote access to internal intranet resources – an SSL VPN or Windows Remote Desktop?

The protocol-level security of the SSL VPN is roughly the same as Remote Desktop’s security. Both are susceptible to the same kinds of man-in-the-middle eavesdropping attacks, and the same downloadable tool kits are capable of compromising both connections.

The most secure choice is the one you can best monitor and manage over time. SSL VPNs typically require the installation of a third-party VPN client software package, while the Remote Desktop access client is part of Windows XP.

If your users are all using XP, and their needs can be met by providing remote access to a workplace desktop, this may simplify administration, compared with rolling out and maintaining an SSL VPN.

But if you want to provide access to a limited set of internal resources to a more tightly controlled group of users, then an SSL VPN system could be a better fit for policy and implementation requirements.

The key is to be able to monitor and track activity in the network, in order to identify inappropriate usage patterns, as well as react and control the network enough.