Bacially RDG provides a secure method of using RDP to connect to a device on the internal/corporate network. So a desktop/laptop or remote desktop server. If the user has taken their company laptop with them and they don't have a desktop/laptop available on the internal network they have nothing to connect to via RDG. If that's the case then VPN is a better choice.
My experience with RDG in SMB is that once it is in place a lot of people start to leave their laptop on their desk. Most people arleady have a computer or tablet at home and once they see that they can use those and have pretty much the same experience as what they would have sitting at their desk at work, they are sold on the idea. It's not unusual to have people replacing their laptops with a decent desktop and a tablet. They don't have to carry a laptop back and forth that way. With RDG you will be able to give the users complete remote access (so not just file access) from pretty much any device, personal or otherwise. James. -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Chyka, Robert Sent: Wednesday, 15 January 2014 6:44 AM To: [email protected] Subject: RE: [NTSysADM] Small Remote Office Remote File Server Access Just to clarify some points: - We have a 2012 server where the files are located that our workers need access to from their homes or hotel rooms. - we have 8-10 users needing remote access to that file server listed above - It will be a mix of laptops and IOS devices needing the remote access to the files to edit, make changes, start new docs etc. - We have Time Warner Business class cable - the laptop users use both their corporate laptops and laptops at their homes - the 2 choices from the list are VPN, or Remote access gateway or ?? Am I straight with this so far? -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Ken Schaefer Sent: Monday, January 13, 2014 5:29 PM To: [email protected] Subject: RE: [NTSysADM] Small Remote Office Remote File Server Access -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of James Hill Sent: Tuesday, 14 January 2014 8:25 AM To: [email protected] Subject: RE: [NTSysADM] Small Remote Office Remote File Server Access >>> No mention of existing RDP CALs. Or a server to run RD Gateway or RD Host. > There was mention of a server, " For remote access to our 2012 file server" There was the actual Windows 2012 file server. Are you suggesting that the OP run RD Gateway and RD Host on the file server? >>> Configuring PPTP or L2E VPN on 6 clients isn't really a major OPEX cost. >>> I'd say it's comparable to patching/managing a server. > It is more than RDG and what do you do for devices that you can't get access > to? > There is a much higher chance that the client is a windows device with > RDP already built-in. Ongoing OPEX will be higher than RDG. How do you figure this? OP already mentioned they were using VPN via Cisco ASAs for their main site, so I made the assumption they already had some expertise in managing VPNs. >> The users already have laptops. If they take their laptop with them, they >> already get the "exact same thing" > If it's the same laptop that they use in the office and if it is the "only" > device they use, which is unlikely. How do you figure "it's unlikely"? There doesn't seem to be anything in the OP's post to suggest this - he's asking about how to get access for their laptops and iPads. That implies they already have them. > I LOL'd at your latest big thing about Ken fact. Do you keep all this stuff > in a Wiki so you don't forget? Actually - I do: http://flightdiary.net/anonymouscoward (for the flights I've managed to get around to entering). But I don't know why you LOL - you made the claim - I'm trying to rebut it. Deal with the actual issue at hand, rather than laughing at my personal expense. You can't just claim "they are few and far between", when you've got no real basis for suggesting such a thing. Especially when it's pretty easy to get stats on how many passengers airlines carry every year, and then take a peek on a few planes to see what % of those people are doing work on a plane. In any case, I see people working on trains, buses and a bunch of other places they might not have ready internet access (or it might not be convenient to enable constant connectivity). Either way, I disagree with your claim, but who knows what the working habits of OP's employees are. It's a pretty moot discussion until he's willing to clarify. >>> What version of Windows or IOS doesn't support L2TP/IPSec or PPTP? > You conveniently left out Android there as well as that many VPN solutions > have their own custom client. I left off Android because the OP stated that his requirement was for Windows and IOS support. I also left off Symbian, VMS, AIX and Solaris for the same reason. -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of James Hill Sent: Monday, 13 January 2014 8:54 PM To: [email protected] Subject: RE: [NTSysADM] Small Remote Office Remote File Server Access If the OP already has a 2012 server (or 2008 for that matter) and sufficient RD CAL's then he may not have much CAPEX at all. Add the role, configure it, configure the firewall, purchase a cheap ssl cert and off you go. It's incredibly easy to configure on 2008 server and above and even easier again if it's a sbs product. Perhaps his business prefers lower OPEX than CAPEX too. You seem quite focused on the CAPEX side of things but that may not be how the OP's business works. The RDG solution would certainly result in lower OPEX than VPN as there is far less management of the clients. Overtime this may easily justify the initial CAPEX. Citrix of course adds another layer of expense and based on what we know is required it would be overkill. >> Configuring PPTP or L2E VPN on 6 clients isn't really a major OPEX cost. I'd >> say it's comparable to patching/managing a server. >> FWIW, for environments like mine, OPEX is our major expense. My guess was >> that CAPEX is the major expense in small business environments. Providing the users with access from any device to the same desktop (whether that be a physical computer, a virtual desktop, or even a RD Session Host) has many benefits. Users don't like change, if they get the exact same thing no matter what device they connect from then that's a good thing. >> The users already have laptops. If they take their laptop with them, they >> already get the "exact same thing" VPN does provide the offline option(although you can copy files to and from an RDG session if enabled) but unless you use offline files etc and the end client/device is fully managed it isn't the nicest user experience. I find that more and more these days peoples devices are connected to the internet and they don't want to use it if it isn't! There are some that still want to compose emails on a plane but they are few and far between. >> The option is for already existing devices. >> I did LOL at the "only few and far between want to compose emails on a >> plane" - flown well over 1m KMs on planes, and there are lots and lots of >> people writing emails, reviewing docs and so forth. Whether it's a Mac, Windows, Android or iOS there is support for RDG. That can't be said for many of the vpn options out there. >> What version of Windows or IOS doesn't support L2TP/IPSec or PPTP? Cheers Ken
