RE: [NTSysADM] Exposure from VPN

[Mayo, Bill]

You can restrict the ability have the local drive show up through the policy on 
the RD Gateway, can you not?

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Kennedy, Jim
Sent: Wednesday, July 17, 2013 12:07 PM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Exposure from VPN

Ahhh, I see. Don't think you can limit your exposure in that scenario other 
than having her use a machine not in the domain...and on it's own vlan or 
internet connection.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of J- P
Sent: Wednesday, July 17, 2013 12:03 PM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Exposure from VPN

This would still expose our lan  would it not?

she remotes in, her local drives show up including her network drives (our lan 
shares), where's the security on our side?

I get than they can secure their network using rdgateway, but what protects me 
as I am not the gateway hoster/provider?











Jean-Paul Natola



________________________________
From: kennedy...@elyriaschools.org<mailto:kennedy...@elyriaschools.org>
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: RE: [NTSysADM] Exposure from VPN
Date: Wed, 17 Jul 2013 15:54:04 +0000
Pptp absolutely not.  It is totally broken and insecure. MS has a KB somewhere 
saying stop using it.

We use remote desktop via Microsoft's Remote Desktop Gateway. Very easy to 
setup and use and gives the user a desktop that is located in the remote 
domain..so all the settings..mapped drives...all show up.

http://technet.microsoft.com/en-us/library/cc731150.aspx


From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of J- P
Sent: Wednesday, July 17, 2013 11:43 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] Exposure from VPN

Hi all,

We have an employee who works part time for 2 organizations which are located 
in the same building, now we are moving
and they want her to VPN in from our network to theirs, using traditional MS 
pptp- I'm not entirely comfortable with that idea , can someone suggest a more 
secure safer alternative

Or maybe someway of securing this type of connection as to reduce exposure of 
our LAN?


TIA










Jean-Paul Natola