Questions about internet security

G

Guest

I'm not sure if this is the right forum, but I have some questions related to security

We have a Small Bus Server 2000 - running ISA. We have a public address on this server, so that we can RDP into the machine from the outside world

No hardware firewalls or NAT's (I'm not a network person, so I'm at my limit even talking about this stuff)

I've got a client that basically had the same configuration - 4 servers all with public IP's. They just installed a SonicWall Pro 2040 to further secure there setup. Their hardware guy is suggesting that I purchase a SonicWall TZ 170 to make my box more secure. Is this necessary

Is RDP a safe way to connect around the internet to machines in general?
 
F

Fritz

I personally wouldn't do that. It would be safer if you could VPN into your
network first and then connect to the RDP servers.
 
G

Guest

VPN can be both hardware and software based - what would you recommend

A couple of months ago another client of mine tried to get me to start using CISCO VPN software. We couldn't get the ISA server to allow that to pass out onto the internet (?not really sure why - something about IPSEC I think)

Would something like this SonicWall TZ 170 help in any way

Is having a public address on a SBS 2000 box a bad practice
 
R

Roger Abell

Personally I would look at upgrading to SBS2k3, at some point
the premium version will include ISA04 which has some rather
nice new features, and SBS2k3 has built-in setup for handling
access to RDP desktops.
Now, that is a software only solution, so layering some hardware
in front of the IP that allows RDP access can be considered as
adding extra security, and adding VPN prior to the RDP connection
layers more encryption on the RDP (which does have a small amount
of things that will travel in the clear).

--
Roger Abell
Microsoft MVP (Windows Server System: Security)
MCSE (W2k3,W2k,Nt4) MCDBA
Steve said:
VPN can be both hardware and software based - what would you recommend?

A couple of months ago another client of mine tried to get me to start
Click to expand...
using CISCO VPN software. We couldn't get the ISA server to allow that to
pass out onto the internet (?not really sure why - something about IPSEC I
think).
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

DHCP Questions 6
Best way to setup remote access for my network 17
Internet Security Warning 2
Can't connect using RDP from one spot but can from another 5
Windows XP Pro, Internet Connection Firewall & Group Policy 4
Vista RDP to Windows 2008 Server 1
XP as a router 3
Off Topic...Public IPs 4

Top