Security VPN vs RDP
I was wondering which is more secure RPD or VPN I realize RDP over VPN is the most secure. I was just wondering what security issues there is with just RDPing from home to a workstation at work is and if I should always use our VPN to do so? Thank you for your time.
Solution 1:
You're really not comparing apples to apples here as they don't provide the same service. RDP provides you with a terminal session on a remote host, while VPN is an encrypted tunnel between point A and point B which encapsulates higher layer information.
The biggest security issue with direct RDP to your server is that it exposes your server to the entire world. Anyone with an RDP client can fire it up and, assuming they know your hostname / IP, connect to your server and start trying to log in. At the very least they can cause you some problems by locking out accounts. If you have not taken the measures to harden your server (which is often the case when RDP is directly exposed) then most likely you're just a sitting duck.
You can help that by configuring RDP to use SSL. And, obviously, using RDP over a solid VPN connection.