Posted on 2009-04-30
Last Modified: 2013-11-16

I am evaluating Logmein as a remote access solution for my corporate environment at the moment. A network consultant (trying to sell me another product) said that I should stay well away from it as its unsecured "Man in the middle". Security is very important to us.

I have read the white paper and it looks secure, going to use it with RSA dual factor authentication, and I have searched the Internet and cant find anything negative.

I like the solution because of what it offers but I dont want to look an idiot in front of my boss if I recommend something that is a security risk.

Can someone here give me an unbiased opinion? How secure is it?

Question by:TechCGD
    LVL 58

    Expert Comment


    In my experiences with the product, it is very secure. The protection offered from preventing malicious access to your LogMeIn account is excellent and I could not see an intruder infiltrating their system easily.

    However, the problem comes in terms of whether LogMeIn themselves can be trusted. In a properly configured environment, I would not use LogMeIn since it means deploying something beyond your control. Instead, a local TS Gateway server, with an encrypted SSL session between that and the client workstation is my preferred approach, for offering much better security.

    LVL 20

    Expert Comment

    Your best bet in terms of using a free remote app is to use CrossLoop.  Easy to setup, plus it confirms the man in the middle and other security worries are not an issue as it requires for the initial connection a code must be supplied by the other side for a successful connection.  Its a great product, and since I had used logmein previously, in my opinion it was superior to logmein.
    LVL 14

    Accepted Solution

    You could have a look at

    The main security vulnerability with something like logmein stems not from the level of encryption, but from the fact that you are trusting a 3rd party to handle your security.  That combined with web-based login means that there is some visibility on the public internet - compromised passwords would leave you wide open.

    I generally prefer certificate based authentication that is managed in house.  A solution such as OpenVPN gives you the advantage of certificate based authentication, with high encryption levels, but it is all managed in house.
    LVL 20

    Expert Comment

    If you use a Cisco pix firewall for your enviroment, the way around all the security issues is to use the Cisco VPN option and that will secure the connection, etc...

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    NetScaler Deployment Guides and Resources

    Citrix NetScaler is certified to support many of the most commonly deployed enterprise applications. Deployment guides provide in-depth recommendations on configuring NetScaler to meet specific application requirements.

    SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
    If you use NetMotion Mobility on your PC and plan to upgrade to Windows 10, it may not work unless you take these steps.
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    9 Experts available now in Live!

    Get 1:1 Help Now