Solved

Remote Desktop Pros/Cons

Posted on 2006-07-05
17
4,049 Views
Last Modified: 2013-11-21
I am being asked by a client to introduce 'REMOTE DESKTOP' to his small office of <10 users. The lawyers (hold the jokes guys & gals) in this firm want to be able to access their office computers via wireless connections with their laptops while at Court, and other places.
I am a pcAnywhere user and have been for several versions. I think it is a good, stable product and don't want to get away from it if I don't have to.
Could someone, who is quite familiar with Remote Desktop & pcAnywhere give me the PROS/CONS of both to help me make my arguement?
Unless you are so familiar with both and so confident in REMOTE DESKTOP's abilities - then sway me. Please!
0
Comment
Question by:mythology8
17 Comments
 
LVL 9

Expert Comment

by:bigjimbo813
Comment Utility
Pros and cons...even thought RDC is encrypted i would stack it ontop of a VPN connection.

With windows XP, only one user can use the computer at a time. Therefore, if for some reason someone at the office is on it, the "conectee" will either have to boot them off or not log on.

If you decide on not piping this through a VPN, your going to have to open several ports from the outside...weakening your security.

Also instruct your clients on the vulnerabilities with using unencrypted wireless networks. I think a secured VPN is a good starting point.

linksys has a nice little SOHO VPN router
http://www1.linksys.com/Products/product.asp?prid=607&scid=29

How to secure it. (i would go minimal 3-DES but ive heard im paranoid)
http://www.homenethelp.com/vpn/router-linksys.asp
0
 
LVL 87

Expert Comment

by:rindi
Comment Utility
You are probably talking about server and not a workstation OS. For Server Remote desktop is the perfect way to connect remotely, every user has his environment and it is pretty fast, compared to other remote solutions. PcAnywhere is more a tool to remotely help users, it takes control of the desktop. Another reason not to use pcanywhere, it is a symantec product and most them just aren't any good.

Another very good reason to use remote desktop, even with the local PC in the Office, is that it is easier to get a secure system. It is easier to secure the server, the users can't install malware etc., All data is centraly stored on the server, no need to synchronize anything. The PC's themselves only need to be very lean workstations and don't need to be highly powered.
0
 
LVL 16

Expert Comment

by:Nyaema
Comment Utility
In my opion, it is all about price.

With Microsoft having integrated remote connectivity into  Windows XP, Server 2003 and later.
It realy doen't make any sense for any to buy a pcAnywhere license.

If your clients aint satisfied with RDP
Then a product even better than PC anywhere would be GoToMyPC
http://www.citrix.com/English/ps2/products/product.asp?contentID=13994
0
 
LVL 22

Expert Comment

by:pjedmond
Comment Utility
Well - your big problem is going to be the wireless!!

One bluetooth device near the node, and it's not going to work! Wireless bandwidth is notoriously 'fickle'. Also, the bandwidth available to wireless is limited - graphical response will not be as good as your normal remote desktop on a wired network. Also note implications for security. I am not convinced that wireless is 100% secure as all sorts of attacks are possible on it by anyone within range of the wireless link. From a security perspective - who monitors wireless at the court? I wouldn't be suprised if I went along to the court and had full access to the wireless node after about an hour or so. This would be from the perspective of perhaps accessin the internet etc. The majority of wireless setups in the uk are incorrectly set up.

From a data security perspective, I's recommend that it is done over a vpn. Better still get an ethernet connection made available that they can plug into! Cost shouldn't be an issue if they really want this capability.

(   (()
(`-' _\
 ''  ''
0
 
LVL 16

Expert Comment

by:Nyaema
Comment Utility
mythology8...

Correct me if I am wrong...
The clients want to connect to the desktops on there machines in the office...

Right?


If so then, they certainly do not want anyone eaves dropping wihtout ther consent.
In other words, secure private access to there desktop in the office.
0
 
LVL 16

Expert Comment

by:Nyaema
Comment Utility
I believe there will be wireless access points at the courts and
these guys want wireless access where there is an access point.

So I don't believe that is the biggest worry.
0
 

Expert Comment

by:PrinceAli0
Comment Utility
With proper configuration on your RDP clients via the RDP app on the remote PC and configruation on the servers via Group Policy and profiles, you can definitely use RDP for your remote users on a low bandwidth/high latency connection.

Understand that opening the ports on each PC will open the PCs to the world and creates some security issues.  The suggestion for a VPN (hardware based or software based) is very smart and something I've used and recommended to my clients in past.  It cheap, easy, and quick to configure.  For me, it adds a level of comfort since I'm not opening any ports to the internet and the users can VPN into the network without much issues.

-Roger
0
 
LVL 1

Expert Comment

by:shmukler
Comment Utility
If your clients only want to access their desktops, pcAnywhere, VNC(a free and more efficient alternative to pcAnywhere), would be easy to deploy (provided there is a VPN or all desktops have public IPs).

(If you would use stripped terminal server built into the XP Pro [home has no TS], opening remote session will cut off console and touching console will disconnect remote session)

If there is no VPN and desktops on private subnet you might want to subscribe to something like GoToMyPC.

If your clients are ready to switch to server based computing and thin clients you should look into RD like solution.

The cons are with VNC like solution is that you need dedicated machine for each connection. If a desktop is idle, it's not too bad, but for bigger company it makes more sense to consolidate desktops on blade thus gaining better hardware utilization, security since thin clients cannot be stolen, ease of maintanance etc.

The main con of terminal server solution is cost. You'll need to buy 2003 Server (~$800 if you bought it preinstalled), additionally you would need to purchase client access license for each named user CAL ($70).

Another benefit of TS approach ability to use local printer (one connected to laptop in your case), harddrive and other local resources.

Terminal Server obviously works with a standard PRE_INSTALLED MS client.

There even products such as Elusiva Terminal Server that install on XP, 2000 [Pro] and 2003 [SBS]. With Elusiva you  only to pay for concurrent connections, as opposed to named users.

Advanced Elusiva TS even allows USB tunneling to you could stick blackberry into the laptop and work as if you connected it directly to server. :)

Good luck.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 1

Expert Comment

by:macook
Comment Utility
We use Remote Desktop with vpn in my office. If you have a decent firewall then the vpn is pretty easy to configure and most importantly it's secure. The biggest pro is the price...it's free.

I like it because it's fast and easy to use.

The only con I can see with it versus something like gotomypc is that it may take alittle more administrative effort on your part to get it implemented. For example you'll have to setup the vpn and depending on your firewall you may have to buy vpn licenses. We have to with our Firebox. You will also have to configure static ip's on the office pc's, load and configure the vpn software on the laptops,etc....

I also have some problems with getting the vpn to connect in some wireless enviorments, which is something you definately want to consider.
0
 
LVL 87

Expert Comment

by:rindi
Comment Utility
As I already mentioned, I'd use an office server with Terminal Services setup and not connect to each individual PC, this makes the most sense by far, and it it doesn't cost more since you can save on the workstation PC's hardware and also OS (you can use thin clients with linux where the OS is free).

Of course the need for a VPN is mandatory and I don't think that needs to be emphasized at all.
0
 
LVL 3

Expert Comment

by:Brick-Tamland
Comment Utility
Check out logmein.com. It’s a secure remote desktop connection that runs on Tcpip port 80. It will work from any wireless hotspot, through any firewall that allows HTTP. Each logmein.com user account can control up to 5 machines for free. It is definitely worth a look.
0
 
LVL 30

Expert Comment

by:callrs
Comment Utility
0
 
LVL 1

Accepted Solution

by:
mYelcick earned 500 total points
Comment Utility
PcAnywhere is a 1 user session to 1 PC piece of software, so each person who remotes will need a pc available to make a connection to.  If this is the situation you have (each attorney has a laptop and a separate desktop in their office), this is viable as a solution, but far less than optimal (you would need to do a bunch of configuration to make this work for each attorney, and they don't access a central website or portal for access).  The best solution, by far in my humble opinion, is to use Microsoft's Small Business Server 2003 solution - this software automatically exposes each persons desktop (you control which ones to expose using group membership) to the web (this uses the remote desktop protocol).  The SBS 2003 website is built for you automatically with the installation of SBS 2003, and all users have to do is log in to the website.  Once logged in, users can review e-mail (SBS 2003 comes with Exchange Server), or connect to their desktop at work (administrators also have the ability to connect directly to the servers for administration).  Users can do this from any computer from anywhere as long as they have access to the Internet.  The only potential downside here is that each internal desktop you want to expose to the Internet must be running Windows XP Pro (Windows 2000 Pro is not enough - this is where PcAnywhere helps if the infrastructure is old).

The huge pro here, is that everything is set up and  configured for you automatically when installing SBS 2003 - this translates into a very low cost of ownership, as the basic SBS 2003 costs only about $100 per user (including the Exchange server 2003 and CALs).  Security is also pretty good, as this uses HTTPS to encrypt the traffic.  If you are really security concious you can go to SBS Premium (still about 100 per user beyond 5 users, the first 5 users, however costs you about 200-250 per user), which also includes SQL 2000 and ISA server 2004 (Microsoft's firewall).

To obtain Internet access from the client perspective, you can always sign up for things like Verizon's or any cellular providers Internet PC service (comes with a card that plugs into laptops) for about $100 per month (the speed of the service is more than adequate to run the rdp and/or PcAnywhere protocol).

If you have a situation, however, where you want to expose an actual terminal server for the attorneys, then this is still superior to PcAnywhere, as a terminal server can host multiple sessions on a single server (again PcAnwywhere is a single host / single session piece of software).  The big advantage here is again total cost of ownership - you have to maintain only a single terminal server - you install and configure software on a single PC (as mentioned throughout by everyone else).  With PcAnywhere you have to install and set up the software on the desktops you want the users to connect to.  Exposing these various desktops is also an issue (no wizards or auto configuration tool to expose groups of computers with a single management interface).

Note that Small Business Server 2003 also allows you to expose a terminal server as well (rather than multiple desktops or in addtion to the user desktops), however you would need to separately license a terminal server and purchase the CALS (the terminal server winds up costing more, on a per user basis, than SBS 2003, which is odd considering SBS 2003 has Exchange 2003 bundled with Server 2003).  We have had clients go this route (SBS 2003 with a separate terminal server) just to save consulting time in terms of software configuration - we would only have to configure all the client software on a single PC (the terminal server).  The SBS server then gave the client the e-mail server and the single remote portal.

I stronly urge you to research Small Business Server - it represents a huge value for organizations with 75 or fewer people.  Servers are also cheap (Dell 2800 and 2900's are 2-3k) which can run this very easily.  The biggest expense is your time to install and configure (although SBS 2003 comes with wizards that walk you through setting every component up, including mail, firewall, fax, the web site, backups, etc.).
0
 
LVL 5

Expert Comment

by:Davidshc76
Comment Utility
Remote Desktop With windows XP, only one user can use the computer at a time and the remote computer will be log off as you connect to it.

PCAnywhere, you need to buy the license..... Customer need to pay for it.

UltraVNC is an easy to use, fast and free sotware that can display the screen of another computer (via internet or network) on your own screen. The program allows you to use your mouse and keyboard to control the other PC remotely. It means that you can work on a remote computer, as if you were sitting in front of it, right from your current location.

IT's FREE ................ NO COST $$$... Better than RealVNC (security)

You can download it from http://ultravnc.sourceforge.net/

HAVE A TRY... GOOD LUCK
0
 

Expert Comment

by:mastermason357
Comment Utility
Get yourself 1 very powerful computer.  Install Windows Server 2003 with the Terminal Services.  This will allow them to access the 1 computer anywhere and they can access it all at the same time.  If they come into the office, get them a thin-client (cost approx $200).  this will run off of the thin client and will give the administrator more power to control the online work environment, keeping the workers from downloading and "playing" on the computer.  HP makes thin-clients or terminal machines.  I use this system...it is a wonderful solution.
0
 

Expert Comment

by:Tork4840
Comment Utility
Cost was my biggest issue. The thing that hurt the most about leaving pcanywhere was the file transfer. TS can do it just not as reliable. If possible you might want to concider SBS03 it has Remote web workplace if the comapny. Still runs off TS must makes life alot easier.

Ive only heard bad things about free VNC products removed them anywhere ive been.
0
 

Expert Comment

by:kdavidf
Comment Utility
Have the user VPN into the company server using the local authentication on the network and then make a remote desktop connection.  This is a very secure way to use remote desktop.
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Suggested Solutions

As the title indicates, I have done this before. It chills me everytime I update the OS on my phone, (http://www.experts-exchange.com/articles/18084/Upgrading-to-Android-5-0-Lollipop.html) because one time I did this and I essentially had a bricked …
In this article we will discuss all things related to StageFright bug, the most vulnerable bug of android devices.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now