I have two Windows 2003 servers, one is an Exchange 2003 server and the other is a Domain Controller. The Exchange server is also running WSUS. I recently setup an ssl certificate that I purchased from a 3rd party provider on the Exchange server. I am using it to secure both OWA and WSUS clients. I setup split DNS so that I can use this certificate for internal WSUS clients. All clients are Windows xp and 2000. All computers on the network are running behind my router/firewall in a private ip address range. I only have one public ip address which is configured on my router along with my ISPs DNS servers. It all works.
Now I want to lock down remote access to the server. At this point I am the only one who needs remote access for administrative purposes. I currently access the server through RDP.
1. Is this a security risk?
2. What is the best way to setup secure remote access? (easy would be nice)
3. Can I use my current ssl certificate to secure remote access?