Bert2005
asked on
RDP security using RD Gateway vs a Win 7 P2P network vs GTMPC
Hi experts,
I apologize as I should know this, but I am trying to make sure. I just purchased Windows Server 2016 Standard, but I have been running a domain on SBS 2008. It is called TS on SBS 2008, but I believe it is now RDS and RD.
I would think that using a client/server domain with a gateway for RDP connections that can then connect to the various clients would eliminate depending on the router, using port 3389 and port redirection. Of course, you can change the default port, but you would still have a port which is open that hackers could attack using brute force.
One person not on EE has told me that by using Group Policy settings locally and apply network authentication, etc, it will be just as secure. He argues that you can use 3389 as long as your security and encryption settings are set up correctly on the local computers, specifically the client encryption level.
I am of the belief that I can use the gateway along with using a certificate that gives me SSL using port 443. Finally, would you have to use a server OS to have a TS or RD Gateway or can one be made on Win 7 or Win 10? And, is a domain more secure than a workgroup on a client/server setup?
Finally, given all that, would GoToMyPC be more secure than either one of the above?
Thanks.
Bert
I apologize as I should know this, but I am trying to make sure. I just purchased Windows Server 2016 Standard, but I have been running a domain on SBS 2008. It is called TS on SBS 2008, but I believe it is now RDS and RD.
I would think that using a client/server domain with a gateway for RDP connections that can then connect to the various clients would eliminate depending on the router, using port 3389 and port redirection. Of course, you can change the default port, but you would still have a port which is open that hackers could attack using brute force.
One person not on EE has told me that by using Group Policy settings locally and apply network authentication, etc, it will be just as secure. He argues that you can use 3389 as long as your security and encryption settings are set up correctly on the local computers, specifically the client encryption level.
I am of the belief that I can use the gateway along with using a certificate that gives me SSL using port 443. Finally, would you have to use a server OS to have a TS or RD Gateway or can one be made on Win 7 or Win 10? And, is a domain more secure than a workgroup on a client/server setup?
Finally, given all that, would GoToMyPC be more secure than either one of the above?
Thanks.
Bert
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
That is an awesome answer. It is late here, so I want to read it again tomorrow. I may have a couple of follow-up questions if that is OK.
Again, thanks for taking the time.
Bert
FYI: You will definitely be getting the points. You answered first, and you answered the question. I am just hoping to clarify a couple of things. It will help me and may help someone else who is as dumb as I am with this stuff.