[THIN] Re: Anywhere Access security
- From: "Andrew Rogers" <Andrew.Rogers@xxxxxxxxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Tue, 13 Jul 2004 10:34:32 +0100
counter question, why have Citrix released secure gateway? :)
I don't really know why MS have released this, i presume just to compete with
Citrix and the fact that vpns arent the simplest of things for users to get up
and going i guess..
ooh, i guess it could also be useful for those who need access to rdp in locked
down locations? currently (i think) you can only hit rdp servers directly,
meaning the port has to be open to the internet.. We bandied about this earlier
in the year and came to the concisive conclusion that opening the ports
directly may or may not present a security risk now or in the future :)
(although that was for Citrix ports, but id imagine it holds true for TS too)
Andrew
--o--
>>> nick@xxxxxxxxxxxxxxx 13/07/04 10:13:57 >>>
Point taken,(And understood :)) regarding higher than 128-bit.
Ok, let's try the question another way; why are MS bothering to release
this (And position it against VPNs) if it does not provide more
security than currently (The implication being that you currently
*cannot* "allow users to securely access ... Resources...without using
VPN technology"). My bottom-line question is: is RDP currently not
considered secure? By MS or anyone else?
Nick
-----Original Message-----
From: Andrew Rogers [mailto:Andrew.Rogers@xxxxxxxxxxxxxxxxxx]
Sent: 13 July 2004 09:16
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Anywhere Access security
Well, aside from me not being able to see where it says a VPN is more
secure, I do believe VPNs can go higher than 128bit encryption :)
So, uh, less than 3 syllables.. it done come from ms
Andrew
--o--
>>> nick@xxxxxxxxxxxxxxx 13/07/04 08:41:16 >>>
Quote from Brian's website
(http://www.brianmadden.com/content/content.asp?id=192):
"One of the new Terminal Services features is the ability for a Windows
Server to encapsulate and proxy RDP traffic over HTTPS connections. The
RDP over HTTPS proxy is part of what Microsoft calls "Anywhere Access."
Not to be confused with Citrix's "Access Infrastructure," Microsoft's
Anywhere Access will allow users to securely access corporate resources
over the public Internet without using VPN software."
I'm now confused - and I would stress I am by no means a security
expert, *but* my understanding was that the RDP protocol - assuming
decent security levels on the client device - would automatically wrap
everything in 128-bit encryption after the initial RDP handshake. So
I've always struggled to understand how VPN is inherently more secure
than that, except that you have to install complicated (For end users)
client software to make it work.
How then, is this 'more secure'? Or to put it another way, how insecure
is RDP inherently?
For preference answers in words of less than 3 syllables...
Nick
********************************************************
This weeks sponsor Emergent Online Thinssentials Utilities Using the
latest software, hardware, networking technologies, proven technical
expertise, proprietary software and best practices, EOL provides
custom-tailored solutions for each client's mission and specific goals.
http://www.go-eol.com
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode
use the below link:
http://thin.net/citrixlist.cfm
********************************************************
This weeks sponsor Emergent Online Thinssentials Utilities Using the
latest software, hardware, networking technologies, proven technical
expertise, proprietary software and best practices, EOL provides
custom-tailored solutions for each client's mission and specific goals.
http://www.go-eol.com
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode
use the below link:
http://thin.net/citrixlist.cfm
********************************************************
This weeks sponsor Emergent Online Thinssentials Utilities
Using the latest software, hardware, networking technologies, proven technical
expertise, proprietary software and best practices, EOL provides
custom-tailored solutions for each client's mission and specific goals.
http://www.go-eol.com
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm
********************************************************
This weeks sponsor Emergent Online Thinssentials Utilities
Using the latest software, hardware, networking technologies, proven technical
expertise, proprietary software and best practices, EOL provides
custom-tailored solutions for each client?s mission and specific goals.
http://www.go-eol.com
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm
Other related posts:
