Solved

Hosted RDP Server - is this secure

Posted on 2016-08-04
8
55 Views
Last Modified: 2016-09-02
Hi

We have some sites in HK and China and am looking into the following scenario

They are trying to PPTP into the UK and then use an application on a terminal server. If no one else is working, then this is possible but as soon as more staff arrive it slows down to the point where it is not usable. The internet at both locations is quick but all traffic including email is going down a shared (With Other ISP users) international connection. This is so slow.
In order to speed things up email is being moved so it is hosted in HK. For the terminal server application my thinking was to use a cloud based hosted server in HK. We RDP from HK/China into this and from this server we can then PPTP to the UK and use the terminal server. We have tried this and it is much quicker.
From a security point of view we can restrict what IP addresses can connect to the server but do I need anything further to encrypt the traffic.

Thanks,

Mark.
0
Comment
Question by:mdj1501
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 12

Expert Comment

by:Bryant Schaper
ID: 41742750
You would want to run RDP with SSL, but it can be secure.  I have seen payroll applications use this model. thery use citrix, but it is still secure.
0
 
LVL 1

Author Comment

by:mdj1501
ID: 41742786
This is at a data centre and they have said you can limit the IP's that can connect and it will be secure enough. I have my doubts ?
0
 
LVL 10

Expert Comment

by:Scott Silva
ID: 41742943
PPTP is never a secure vpn protocol.. It was breached years ago
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 
LVL 1

Author Comment

by:mdj1501
ID: 41742991
We can use SSL VPN with one account for this to increase security. Once one user connects the server is connected so the additional users coming on will connect to the services in the UK.
0
 
LVL 12

Expert Comment

by:Bryant Schaper
ID: 41743023
then you should be ok
0
 
LVL 1

Author Comment

by:mdj1501
ID: 41743036
so just to confirm rdp to datacentre over the internet, ssl to uk and terminal services over that link
0
 
LVL 1

Author Comment

by:mdj1501
ID: 41750217
what if i purchase a ssl certificate for the server I connect to ?
0
 
LVL 12

Accepted Solution

by:
Bryant Schaper earned 500 total points
ID: 41769102
Do you need further assistance, I missed your question about a cert, you can buy one or issue from your CA if you have one
0

Featured Post

Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
Ransomware is a malware that is again in the list of security  concerns. Not only for companies, but also for Government security and  even at personal use. IT departments should be aware and have the right  knowledge to how to fight it.
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question