How secure is Terminal Services Web on Win2003 server

Status
Not open for further replies.

Dirtbike

IS-IT--Management
Dec 9, 2002
81
US
We need a method for people to get into our system. In the past they dialed up to our UNIX box. We've put in a new network with WiFi, VOIP and the whole nine yards. We have Siemens routers. The IP guru says the heck with VPN, Siemens has a TS solution that works great. Our IP guru "wannabee" says TS Web is too insecure and that all somebody needed to do was discover our port and then the exploits can begin. I trust our IP guru but my boss trusts the wannabee dude. The wannabee dude is an EE with LAN/WAN experience but the other dude is MCSE, CCNP, with years of real world experience (read: not just another "paper" certified engineer). Thanks for the help.

Scott in Charlotte, NC
 
If you really wanted to make sure it is secure then have your users VPN in and then TS to the box you want them to hit.
 
If I had the option to VPN or TS, I'd VPN any day of the week. Fact I have a TS server...but you have to VPN in to use it.

I'm Certifiable, not certified.
It just means my answers are from experience, not a book.
 
not necessarily, but there are riskier security implications to going via the other routes, so stick with a VPN

the VPN gives them LAN IP visibility, not remote desktop usage; they'd then connect to the Terminal server via the internal IP address of the TS

often seen a sales person promising that an app like a database would work fine over a VPN, or all you need is a VPN etc., but we're like 'in what context?' when the project lands on the desk

there are all manner of variables, like TS or Citrix or thick client, to first spring up

the 'Wannabee' sounds more rounded, the IP Guru sounds like he's trying to sell you something; yeah, hacks would probably start if it was a published TS

the TS web would probably be TS's in a DMZ and port forwarded to from a Firewall on the edge of your DMZ facing the Internet, with open ports for AD authentication through a 2nd Firewall between your DMZ and LAN to your internal DCs

anything less is risky (if you go the published route instead of VPN)

Gurner
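The two-firewall DMZ layout described in the post above can be checked mechanically. The following is an added example, not part of the original thread: a small rule-set audit in Python. All addresses, rule names, the rule format and the chosen AD port list are constructed assumptions.

```python
from ipaddress import ip_network

# Constructed addressing (assumptions, not values from the thread).
LAN = ip_network("10.0.0.0/16")                    # internal network
TS = ip_network("192.0.2.10/32")                   # terminal server in the DMZ
DCS = [ip_network("10.0.0.5/32"), ip_network("10.0.0.6/32")]  # internal DCs
EDGE_PORTS = {3389}                 # RDP; add the web page port if hosted on the TS
AD_PORTS = {53, 88, 135, 389, 445}  # assumed minimal set for AD authentication

def audit(rules):
    """Return (rule name, problem) pairs for allow rules that break the layout."""
    findings = []
    for r in rules:
        src, dst = ip_network(r["src"]), ip_network(r["dst"])
        if r["fw"] == "edge":
            # Internet-facing firewall: only the TS in the DMZ may be reachable.
            if dst.overlaps(LAN):
                findings.append((r["name"], "edge forwards Internet traffic into the LAN"))
            elif dst != TS or r["port"] not in EDGE_PORTS:
                findings.append((r["name"], "edge exposes more than the terminal server"))
        elif r["fw"] == "inner":
            # DMZ-to-LAN firewall: only TS -> DC on AD authentication ports.
            if src != TS:
                findings.append((r["name"], "inner admits a source other than the TS"))
            elif dst not in DCS:
                findings.append((r["name"], "TS can reach LAN hosts that are not DCs"))
            elif r["port"] not in AD_PORTS:
                findings.append((r["name"], "port is not needed for AD authentication"))
    return findings

# Constructed rule sets: one matching the described layout, one that drifts from it.
GOOD = [
    {"name": "edge-rdp", "fw": "edge", "src": "0.0.0.0/0", "dst": "192.0.2.10/32", "port": 3389},
    {"name": "inner-kerberos", "fw": "inner", "src": "192.0.2.10/32", "dst": "10.0.0.5/32", "port": 88},
    {"name": "inner-ldap", "fw": "inner", "src": "192.0.2.10/32", "dst": "10.0.0.6/32", "port": 389},
]
RISKY = [
    {"name": "edge-rdp-to-lan", "fw": "edge", "src": "0.0.0.0/0", "dst": "10.0.3.20/32", "port": 3389},
    {"name": "inner-any-lan", "fw": "inner", "src": "192.0.2.10/32", "dst": "10.0.0.0/16", "port": 445},
    {"name": "inner-rdp-dc", "fw": "inner", "src": "192.0.2.10/32", "dst": "10.0.0.5/32", "port": 3389},
]

if __name__ == "__main__":
    for name, problem in audit(RISKY):
        print(f"{name}: {problem}")
```
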

 