<div>
<a href="#a42090873" rel="ugc">#a42090873</a> is not about SSTP but PPTP. SSTP is secured by a certificate (I use SSTP for my home VPN). You can use a DV cert and up. SSTP is as secure as the certificate used
</div>


<div>
Hi guys, thanks for all your comments
</div>


<div>
<div class="content wysiwyg-content">
I'm trying to decide whether or not to setup anywhere access on a server to allow clients to VPN to the server and be able to work remotely on files shared from the server.<br />
<br />
My concern is whether or not this is secure enough in today's environment with all the hackers out there.<br />
<br />
I configured it and got it working, using a free certificate from CACERT. I set the vpn security options as :<br />
Type of VPN: SSTP<br />
Require encryption<br />
allow Microsoft CHAP Version 2 (MS-CHAP v2)
</div>
</div>


I'm trying to decide whether or not to setup anywhere access on a server to allow clients to VPN to the server and be able to work remotely on files shared from the server.

My concern is whether or not this is secure enough in today's environment with all the hackers out there.

I configured it and got it working, using a free certificate from CACERT. I set the vpn security options as :
Type of VPN: SSTP
Require encryption
allow Microsoft CHAP Version 2 (MS-CHAP v2)

How secure is Anywhere Access on 2012r2 Essentials server

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.