Best Practices for Laptop/Netbook Management-RDP Environment

10-12 laptops currently accessing office over SSH using Tunnelier

Sonicwall VPN router in place - only 2 licenses of SSL-VPN

Currently, none of the laptops are on the domain. The users have to log in to the computer, log in to the VPN, log in to the RDP, log in to the specialized software. Most users are not very familiar with computer usage, and are confused at the number of logins (and confused at the RDP concept).

After assessing the situation, I would like to ditch the SSH, and move everyone to the VPN because it connects more reliably.

In general, what type of best practices can I utilize to simplify the management of these laptops? Also, how can I maintain security at a reasonable level and not have to use four different logins? In principle, there is no vulnerable data stored on the laptops themselves, just on the RDP server.

Rich Rumble (Security Samurai) Commented:
Joining them to the domain could make a few things easier, especially if your VPN can use Active Directory authentication. Citrix/Xen or even a Microsoft Terminal server can accomplish the same result for the amount of clients you have to support. Making them VPN, then RDP into your Xen/TS server gives you a single place to maintain patches and AV, and effectively separates even the most infected laptop from the rest of your network and applications.
There are some great documents here that might help you set up your own M$ VPN server:
NetGear has a good hardware firewall/VPN server that supports 50 concurrent tunnels and works with AD authentication for around 199.00:

Hello there,

Before I state any longer personal opinions, since I have to deal with similar user issues, do your users have sufficient bandwidth while mobile? If yes, are you willing to go in for a little investment? If yes, then you may wish to evaluate a solution such as Citrix XenApp, which will bring you a step closer to securing your systems while seriously reducing end user issues such as the ones you mention... Doing away with the need for a lot of the extras you have at the moment.

Creeksidetech (Author) Commented:
As far as bandwidth goes, most are using their laptops from home with some type of broadband. I may be able to make a good case for an investment if necessary. I am not familiar with Citrix XenApp - I'll look at it now.

Creeksidetech (Author) Commented:
Although something other than RDP like the Citrix option may be our plan for the near future, what are some ways that I can mitigate the management problems with our current setup?

Creeksidetech (Author) Commented:
Thanks Rich, I hadn't thought of using LDAP to authenticate through the Sonicwall - I believe the model I have is capable.
Question has a verified solution.
