[Webinar] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 465
  • Last Modified:

Microsoft's RRAS Really a Secure Environment?

I'm considering two methods of providing VPN access access to my network.  One being a third-party VPN solution like Checkpoint VPN.  The other is to use Microsoft's RRAS solution.  Is Microsoft's RRAS/VPN Server solution really a secure one?   Thinking about putting a Microsoft O/S server in my DMZ and using standard Windows Client VPN/encryption gives me pause.  I do already have a firewall.

Any opinions out there?
1 Solution
If you are simply allowing the required ports through then its not as big of an issue. I would not recommend putting this directly exposed to the internet.

However you did not mention which scheme you are planning to make use of?

PPTP is generally considered to be cryptologically weak and possible to exploit.

IPSec L2TP implementations are more secure than the above noted solution of PPTP so if you configure your RRAS implementation be sure to disable the PPTP Virtual Adapters to force all connections to be L2TP.

There is an additional level of prtoection to consider which is that if you use the standard Microsoft VPN approach, anyone with a Windows PC has the potential to connect to your network whereas if you use an IPSec solution, you;re typically dependent on that vendor's VPN client and a configuration file for the tunnel definition which is another factor the would be hacker has to take into account.

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now