RDP vs. VPN for Accessing Local Network Resources

There are numerous use cases for both Remote Desktop Protocol (RDP) and Virtual Private Networks (VPNs) in work, education, and personal environments. 

In this post, we will explore the advantages and disadvantages of remote desktop access, remote file access, remote intranet/application access, cost, security, and overall user-friendliness, both for end-users and system administrators.

Let’s delve into these protocols to understand them better:

What is RDP?

RDP, or Remote Desktop Protocol, has been in use for decades, emerging in 1998. 

It initially catered to enterprise deployments, specifically for thin client machines. This means that a less powerful PC could be placed in an office, and when a more demanding task needed to be performed, users could “remote in” to a more robust server to complete their work.

RDP is used for various tasks, including:

  • Video rendering
  • Data compression
  • Machine learning
  • Local network-specific tasks (discussed later in this article)
  • And many more

What is VPN?

Contrary to common misconceptions, VPN stands for Virtual Private Network. 

A VPN does not create a new network but instead establishes a tunnel to connect you to an endpoint network, providing you with the experience of being physically present on that network.

What a VPN does not do:

  • Hide your internet traffic
  • Provide additional security beyond the endpoint’s security measures
  • Protect you from cyberattacks

What a VPN does do:

  • Grants access to remote networks through a tunnel
  • Treats your local machine as if it were physically connected to the endpoint network
  • Can mask your actual IP address when accessing the internet

Business vs Personal Use:

VPNs are essential for enterprise and business operations but are generally not necessary for personal use. Simply installing a VPN on devices for kids or family members does not enhance security and may even increase risk. 

The primary personal use cases for VPNs are accessing geo-blocked content, hiding internet traffic from ISPs (often used for illegal purposes), or specific edge cases. The average consumer does not typically need to use a VPN.

Breakdown of Categories:

For complete remote desktop access (e.g., Home PC to Office PC):

  • RDP is the preferred choice.
  • VPN can also work.

For complete remote file access, including secure file transfers:

  • FTP, ideally using sFTP for security (not covered in this blog)
  • VPN for a seamless in-network experience to initiate file transfers on the LAN

For complete web/intranet/application access (e.g., on-premise applications, accounting software, IP-locked software):

  • VPN allows access to resources not accessible outside the network.
  • RDP treats your device as if it were part of the organization’s network, allowing access to software, web, and intranet resources.

What is the Cost?

Both VPN and RDP have associated costs:

VPN:

VPN costs involve scalability, availability, and equipment. 

You need a router to enable VPN pass-through and the necessary ports. Additionally, a dedicated machine, preferably a virtual machine, is required to manage the VPN tunnel. 

Modern VPNs may also come with subscription costs.

RDP:

In an enterprise setting, the ideal RDP setup involves deploying Virtual Machines on a VLAN with a dedicated IP scheme for those VMs. This setup is akin to the original concept of thin clients designed by Microsoft over two decades ago. 

Simplifying this process can involve web hosting, round-robin technology, and routing for a smoother user experience and simplified administration.

Carter Technologies offers a proprietary solution with minimal technical complexity, top-notch security, and ease of use for both sysadmins and end-users.

Levels of Security:

Both VPN and RDP offer varying levels of security. 

  • VPNs create a private tunnel between your network and the endpoint network, ensuring security during data transfer. 
  • RDP can be considered less secure because specific ports are opened to the internet at large.
    • Using a web version of RDP with SSL (Secure Sockets Layer) for encryption can enhance security and make it more comparable to VPNs.

Ease of Use for End Users and Sysadmins:

At Carter Technologies, we provide a proprietary solution tailored to sysadmins and companies, ensuring ease of use. This solution includes:

  • A web server for end-users to interact with the Thin Client server host.
  • Hosting on a hypervisor.
  • An internal traffic router directing end-users to a pool of machines.
  • A VM host for virtualization.
  • A dedicated VLAN and network subnet for internal management.
  • LDAP protocol for Active Directory and authentication hardening and pass-through.

This setup enables end-users to log in through a web browser, even outside the company network, using their work credentials. 

They are then assigned a temporary machine (virtual machine behind the scenes), allowing them to perform tasks as if they were physically present at work. 

This approach is user-friendly, cost-effective, and secure, thanks to SSL encryption and internal LDAP authentication.

Want further help?

If you have any questions about anything discussed in this blog, please reach out to Larson at [email protected] for more information and/or a quote for your business or educational environment.
