• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 4455
  • Last Modified:

Remote Desktop Pros/Cons

I am being asked by a client to introduce 'REMOTE DESKTOP' to his small office of <10 users. The lawyers (hold the jokes guys & gals) in this firm want to be able to access their office computers via wireless connections with their laptops while at Court, and other places.
I am a pcAnywhere user and have been for several versions. I think it is a good, stable product and don't want to get away from it if I don't have to.
Could someone, who is quite familiar with Remote Desktop & pcAnywhere give me the PROS/CONS of both to help me make my arguement?
Unless you are so familiar with both and so confident in REMOTE DESKTOP's abilities - then sway me. Please!
0
mythology8
Asked:
mythology8
1 Solution
 
bigjimbo813Commented:
Pros and cons...even thought RDC is encrypted i would stack it ontop of a VPN connection.

With windows XP, only one user can use the computer at a time. Therefore, if for some reason someone at the office is on it, the "conectee" will either have to boot them off or not log on.

If you decide on not piping this through a VPN, your going to have to open several ports from the outside...weakening your security.

Also instruct your clients on the vulnerabilities with using unencrypted wireless networks. I think a secured VPN is a good starting point.

linksys has a nice little SOHO VPN router
http://www1.linksys.com/Products/product.asp?prid=607&scid=29

How to secure it. (i would go minimal 3-DES but ive heard im paranoid)
http://www.homenethelp.com/vpn/router-linksys.asp
0
 
rindiCommented:
You are probably talking about server and not a workstation OS. For Server Remote desktop is the perfect way to connect remotely, every user has his environment and it is pretty fast, compared to other remote solutions. PcAnywhere is more a tool to remotely help users, it takes control of the desktop. Another reason not to use pcanywhere, it is a symantec product and most them just aren't any good.

Another very good reason to use remote desktop, even with the local PC in the Office, is that it is easier to get a secure system. It is easier to secure the server, the users can't install malware etc., All data is centraly stored on the server, no need to synchronize anything. The PC's themselves only need to be very lean workstations and don't need to be highly powered.
0
 
Joseph NyaemaIT ConsultantCommented:
In my opion, it is all about price.

With Microsoft having integrated remote connectivity into  Windows XP, Server 2003 and later.
It realy doen't make any sense for any to buy a pcAnywhere license.

If your clients aint satisfied with RDP
Then a product even better than PC anywhere would be GoToMyPC
http://www.citrix.com/English/ps2/products/product.asp?contentID=13994
0
Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

 
pjedmondCommented:
Well - your big problem is going to be the wireless!!

One bluetooth device near the node, and it's not going to work! Wireless bandwidth is notoriously 'fickle'. Also, the bandwidth available to wireless is limited - graphical response will not be as good as your normal remote desktop on a wired network. Also note implications for security. I am not convinced that wireless is 100% secure as all sorts of attacks are possible on it by anyone within range of the wireless link. From a security perspective - who monitors wireless at the court? I wouldn't be suprised if I went along to the court and had full access to the wireless node after about an hour or so. This would be from the perspective of perhaps accessin the internet etc. The majority of wireless setups in the uk are incorrectly set up.

From a data security perspective, I's recommend that it is done over a vpn. Better still get an ethernet connection made available that they can plug into! Cost shouldn't be an issue if they really want this capability.

(   (()
(`-' _\
 ''  ''
0
 
Joseph NyaemaIT ConsultantCommented:
mythology8...

Correct me if I am wrong...
The clients want to connect to the desktops on there machines in the office...

Right?


If so then, they certainly do not want anyone eaves dropping wihtout ther consent.
In other words, secure private access to there desktop in the office.
0
 
Joseph NyaemaIT ConsultantCommented:
I believe there will be wireless access points at the courts and
these guys want wireless access where there is an access point.

So I don't believe that is the biggest worry.
0
 
PrinceAli0Commented:
With proper configuration on your RDP clients via the RDP app on the remote PC and configruation on the servers via Group Policy and profiles, you can definitely use RDP for your remote users on a low bandwidth/high latency connection.

Understand that opening the ports on each PC will open the PCs to the world and creates some security issues.  The suggestion for a VPN (hardware based or software based) is very smart and something I've used and recommended to my clients in past.  It cheap, easy, and quick to configure.  For me, it adds a level of comfort since I'm not opening any ports to the internet and the users can VPN into the network without much issues.

-Roger
0
 
shmuklerCommented:
If your clients only want to access their desktops, pcAnywhere, VNC(a free and more efficient alternative to pcAnywhere), would be easy to deploy (provided there is a VPN or all desktops have public IPs).

(If you would use stripped terminal server built into the XP Pro [home has no TS], opening remote session will cut off console and touching console will disconnect remote session)

If there is no VPN and desktops on private subnet you might want to subscribe to something like GoToMyPC.

If your clients are ready to switch to server based computing and thin clients you should look into RD like solution.

The cons are with VNC like solution is that you need dedicated machine for each connection. If a desktop is idle, it's not too bad, but for bigger company it makes more sense to consolidate desktops on blade thus gaining better hardware utilization, security since thin clients cannot be stolen, ease of maintanance etc.

The main con of terminal server solution is cost. You'll need to buy 2003 Server (~$800 if you bought it preinstalled), additionally you would need to purchase client access license for each named user CAL ($70).

Another benefit of TS approach ability to use local printer (one connected to laptop in your case), harddrive and other local resources.

Terminal Server obviously works with a standard PRE_INSTALLED MS client.

There even products such as Elusiva Terminal Server that install on XP, 2000 [Pro] and 2003 [SBS]. With Elusiva you  only to pay for concurrent connections, as opposed to named users.

Advanced Elusiva TS even allows USB tunneling to you could stick blackberry into the laptop and work as if you connected it directly to server. :)

Good luck.
0
 
macookCommented:
We use Remote Desktop with vpn in my office. If you have a decent firewall then the vpn is pretty easy to configure and most importantly it's secure. The biggest pro is the price...it's free.

I like it because it's fast and easy to use.

The only con I can see with it versus something like gotomypc is that it may take alittle more administrative effort on your part to get it implemented. For example you'll have to setup the vpn and depending on your firewall you may have to buy vpn licenses. We have to with our Firebox. You will also have to configure static ip's on the office pc's, load and configure the vpn software on the laptops,etc....

I also have some problems with getting the vpn to connect in some wireless enviorments, which is something you definately want to consider.
0
 
rindiCommented:
As I already mentioned, I'd use an office server with Terminal Services setup and not connect to each individual PC, this makes the most sense by far, and it it doesn't cost more since you can save on the workstation PC's hardware and also OS (you can use thin clients with linux where the OS is free).

Of course the need for a VPN is mandatory and I don't think that needs to be emphasized at all.
0
 
Brick-TamlandCommented:
Check out logmein.com. It’s a secure remote desktop connection that runs on Tcpip port 80. It will work from any wireless hotspot, through any firewall that allows HTTP. Each logmein.com user account can control up to 5 machines for free. It is definitely worth a look.
0
 
callrsCommented:
0
 
mYelcickCommented:
PcAnywhere is a 1 user session to 1 PC piece of software, so each person who remotes will need a pc available to make a connection to.  If this is the situation you have (each attorney has a laptop and a separate desktop in their office), this is viable as a solution, but far less than optimal (you would need to do a bunch of configuration to make this work for each attorney, and they don't access a central website or portal for access).  The best solution, by far in my humble opinion, is to use Microsoft's Small Business Server 2003 solution - this software automatically exposes each persons desktop (you control which ones to expose using group membership) to the web (this uses the remote desktop protocol).  The SBS 2003 website is built for you automatically with the installation of SBS 2003, and all users have to do is log in to the website.  Once logged in, users can review e-mail (SBS 2003 comes with Exchange Server), or connect to their desktop at work (administrators also have the ability to connect directly to the servers for administration).  Users can do this from any computer from anywhere as long as they have access to the Internet.  The only potential downside here is that each internal desktop you want to expose to the Internet must be running Windows XP Pro (Windows 2000 Pro is not enough - this is where PcAnywhere helps if the infrastructure is old).

The huge pro here, is that everything is set up and  configured for you automatically when installing SBS 2003 - this translates into a very low cost of ownership, as the basic SBS 2003 costs only about $100 per user (including the Exchange server 2003 and CALs).  Security is also pretty good, as this uses HTTPS to encrypt the traffic.  If you are really security concious you can go to SBS Premium (still about 100 per user beyond 5 users, the first 5 users, however costs you about 200-250 per user), which also includes SQL 2000 and ISA server 2004 (Microsoft's firewall).

To obtain Internet access from the client perspective, you can always sign up for things like Verizon's or any cellular providers Internet PC service (comes with a card that plugs into laptops) for about $100 per month (the speed of the service is more than adequate to run the rdp and/or PcAnywhere protocol).

If you have a situation, however, where you want to expose an actual terminal server for the attorneys, then this is still superior to PcAnywhere, as a terminal server can host multiple sessions on a single server (again PcAnwywhere is a single host / single session piece of software).  The big advantage here is again total cost of ownership - you have to maintain only a single terminal server - you install and configure software on a single PC (as mentioned throughout by everyone else).  With PcAnywhere you have to install and set up the software on the desktops you want the users to connect to.  Exposing these various desktops is also an issue (no wizards or auto configuration tool to expose groups of computers with a single management interface).

Note that Small Business Server 2003 also allows you to expose a terminal server as well (rather than multiple desktops or in addtion to the user desktops), however you would need to separately license a terminal server and purchase the CALS (the terminal server winds up costing more, on a per user basis, than SBS 2003, which is odd considering SBS 2003 has Exchange 2003 bundled with Server 2003).  We have had clients go this route (SBS 2003 with a separate terminal server) just to save consulting time in terms of software configuration - we would only have to configure all the client software on a single PC (the terminal server).  The SBS server then gave the client the e-mail server and the single remote portal.

I stronly urge you to research Small Business Server - it represents a huge value for organizations with 75 or fewer people.  Servers are also cheap (Dell 2800 and 2900's are 2-3k) which can run this very easily.  The biggest expense is your time to install and configure (although SBS 2003 comes with wizards that walk you through setting every component up, including mail, firewall, fax, the web site, backups, etc.).
0
 
Davidshc76Commented:
Remote Desktop With windows XP, only one user can use the computer at a time and the remote computer will be log off as you connect to it.

PCAnywhere, you need to buy the license..... Customer need to pay for it.

UltraVNC is an easy to use, fast and free sotware that can display the screen of another computer (via internet or network) on your own screen. The program allows you to use your mouse and keyboard to control the other PC remotely. It means that you can work on a remote computer, as if you were sitting in front of it, right from your current location.

IT's FREE ................ NO COST $$$... Better than RealVNC (security)

You can download it from http://ultravnc.sourceforge.net/

HAVE A TRY... GOOD LUCK
0
 
mastermason357Commented:
Get yourself 1 very powerful computer.  Install Windows Server 2003 with the Terminal Services.  This will allow them to access the 1 computer anywhere and they can access it all at the same time.  If they come into the office, get them a thin-client (cost approx $200).  this will run off of the thin client and will give the administrator more power to control the online work environment, keeping the workers from downloading and "playing" on the computer.  HP makes thin-clients or terminal machines.  I use this system...it is a wonderful solution.
0
 
Tork4840Commented:
Cost was my biggest issue. The thing that hurt the most about leaving pcanywhere was the file transfer. TS can do it just not as reliable. If possible you might want to concider SBS03 it has Remote web workplace if the comapny. Still runs off TS must makes life alot easier.

Ive only heard bad things about free VNC products removed them anywhere ive been.
0
 
kdavidfCommented:
Have the user VPN into the company server using the local authentication on the network and then make a remote desktop connection.  This is a very secure way to use remote desktop.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now