Remote Desktop from home to Access corporate network resources


Doug Fox

How secure it is to use the Remote Desktop instead of Client to Site VPN or
SSL VPN from home to access Corporate data network?

A colleague argues that Remote Desktop is secure engouth which is using
remote desktop protocol RDP which uses RC4 to encrypt data.

Any comments/suggestions are appreciated.

Thanks again,


Steven L Umbach

One could certainly argue that it is secure enough particularly if the
firewall only accepts connections from the public IP addresses of home users
[which may not be possible if they have dynamic IPs] and the computers are
configured with the security option to be FIPS compliant [which may break
things like access to secure websites] and using TLS. However the cost may
be relatively low to use a VPN with L2TP relative to the benefits which
requires that the computers authenticate with the VPN server via computer
certificates before a VPN session can be established which will do a lot to
keep others from trying to access your RDP opening in the firewall. Then you
will have your RDP sessions through 3DES ipsec via L2TP which is more
secure. But again it is very hard to say what is secure enough. If lives or
the survival of the business depend on the confidentiality of the data then
I would certainly suggest using L2TP VPN. The more valuable the target the
harder attackers will try to access the data. The link below explains all
the current options for securing RDP with W2003/XP Pro. --- Steve

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question