• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1000
  • Last Modified:

VPN vs GoToMyPC for small business network

I've read several related posts, but still don't feel sure about this.

Employees would love to have access to files (mainly Word documents and such) on our server to work from home.  Our email is hosted remotely, so they can already get that from any computer with web access.  

We have an older server running Windows 2000 server.  GoToMyPC seems easy enough, I'm just not totally convinced about security....I wouldn't expect them to run long remote sessions, just collect files and then work on them on their home desktop.  I would designate one computer in office to stay on for this purpose, and it would have a somewhat limited access user profile.

Our vendor recommends a SonicWall TZ 180 and Sonicwall Global VPN Clients, but says the users will need at least XP Pro to access.  Our users have XP Home and other assorted stuff at home.  It seems there's got to be a way around that?  A VPN appliance?

With either solution, how worried should I be about control over the connecting computers?  I've cleaned enough spyware off people's home machines to know that there is no way to keep them clean and safe like I do in the office.  

We have a lot of valuable data on our server, and I don't want to do anything silly just for convenience.  But I would like to offer remote access somehow.  Please enlighten if you can.
3 Solutions
LogMeIn is another good free solution.
emjoyceAuthor Commented:
I've heard of LogMeIn too, but my question is really about how secure the possible solutions are.  
Nice part about both of these HTTPS services is that you only have to have outbound port 80 open. THere are no inbound requirements (sometimes port 222) for them. So in a sense you are pretty secure. This is not my specialty but I do use it regularly. With a system like LogMeIn you're going through a third-party. You're connecting to your computer through theirs so you get an extra measure of security.You can work with firewalls and routers and again it does these thingsmore or less transparently.
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

The third party service is just that...third party and it is only as secure as the level of trust that you place in these companies.

For example, using "GoToMyPC" means that you give "GoToMyPC" access to your network. By this I mean that you connect your network to GoToMyPC's network and your users make a connection to GoToMyPC's network. So, the users connect to your network through "GoToMyPC" network, like a triangle.

Probably not a big deal but while most companies are quick to allow employees unrestricted remote access, it is rare that that same access is granted to outside companies or users not employed by the company.

So, the question is do you trust third party companies like "GoToMyPC"?

I haven't used a sonicwall for VPN
I would recommend something like the Cisco ASA for client VPN. It is very stable and low overhead.

I use both and have to say Gotomypc is a great way to get started.  It's cheaper than hardware (at least for awhile) and is very simple.  It's an encrypted connection, just like VPN, but setup is way easier.  You also have to get through several layers of passwords.  The main difference though, is that with Go2, you take over a machine on the LAN vs. connecting your home machine to the LAN with a VPN.  This is nice since you don't have to worry quite as much about what's on your users' home PC's, just make sure your LAN machines are patched and running good A/V.  My users are very productive from home with Go2. I know you mentioned putting it on one machine, but to really enjoy the power of it, it's best to give each user thier own account that allows them to control their own PC on the LAN.

The Sonicwall VPN is not too hard, though you do have to setup and configure a new firewall device (The TZ-190 in my case) and you have to setup VPN on it with a wizard, buy access licenses (if you want more than 2 simultaneous connections), download the VPN client, install it on a user's home pc, etc. etc.  So, alot more config and upfront expense, though probably cheaper over the long haul.  Once connected, users can then use remote desktop or map network drives.  It's not too bad, but definitely a lot more work.
emjoyceAuthor Commented:
Thanks to all, I understand it better now.

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now