Windows Server 2003 Remote Desktop Security

Posted on 2004-10-22
Medium Priority
Last Modified: 2010-04-11
We currently are using a lot of HP IP KVM Console switches to provide remote access to all of servers (NT4, 2000, 2003).  However, we find that these are very difficult to use, except for emergencies, and would like to implement Remote Desktop when the servers are upgraded.

Before doing this we would like to fully understand the security implications of doing this.  I am therefore looking for some documentation that details the security differences between enabling remote desktop and using the IP KVM.
Question by:jzh0g0
LVL 14

Accepted Solution

chris_calabrese earned 252 total points
ID: 12380134
MS Remote desktop is reasonably well thought out from a security standpoint and can be a very secure solution if:
o Your Windows domain is reasonably secure
o The desktops you'll be using as clients are reasonably secure (you don't want someone to hack your desktop and then get a free ride onto the server when you use a remote desktop - yes, such attacks have actually happened in the real world.
o You tunnel it through a VPN when going over the open Internet (two layers of protection is better than one, especially when all the things we're talking about have had flaws discovered in them at one time or another - I wouldn't run SSH raw over the Internet either)

As for how the HP IP KVM switches stack up, I'm guessing that they don't. HP doesn't have the best track record at thinking about security in their management solutions, and the only information on security issues of HP's IP KVM switches I dould find on HP's website was "Security for servers is controlled by a database of user names with multiple security levels that is configured and saved on the switch." Drilling down into whitepapers, FAQ's, and other resources on their website revealed a lack of any further information.
LVL 12

Assisted Solution

Mazaraat earned 248 total points
ID: 12385223
First, I agree with Chris above I have all of my remote users remote desktop through a VPN connection, but also wanted to provide you with some reading material =)

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Considering today’s continual security threats, which affect Information technology networks and systems worldwide, it is very important to practice basic security awareness. A normal system user can secure himself or herself by following these simp…
What monsters are hiding in your child's room? In this article I will share with you a tech horror story that could happen to anyone, along with some tips on how you can prevent it from happening to you.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question