+ 0 Votes No you can not OH Smeg 2 years ago It's as simple as that. + 0 Votes Reponse To Answer Working IT 2 years ago Thank you for your answer. I like your saying about "if configured 100% correctly". I agree. It is difficult to keep Windows up-to-date at all time. I am planning to keep both options (VPN and RDP) open. VPN will be used for mobile users. RDP will be locked down for remote offices with static IP only. + 1 Votes Not true at all! SMB5657 2 years ago If running RD Web access under SSL you are encrypting your data stream and yes it is secure. If not every Citrix and View connection currently in use today across millions of workstations would be vulnerable. Now OH Smeg is correct when he states you are opening your web site servicing the SSL to the Internet and we all know what can happen if the site is not managed with an eye towards security. + 2 Votes And from a pure 'risk' hacking standpoint robo_dev 2 years ago The Cisco VPN solution is a EAL4 certified IPSEC VPN, and while there are some hacking apps that 'poke around the edges' like IKESCAN, I have not seen any real scary vulnerabilities, exploits, or patches that call into doubt the security of this approach. It is, for all intents and purposes, foolproof. While Windows 2008, if configured 100% correctly, has met EAL4 targets, there are two issues: One is that it's VERY easy to misconfigure it and leave it insecure. The other is that there are lots of scary vulns, exploits, and a whole sea of patches to keep it secure. CAN a Windows RDP connection be as secure as a Cisco VPN? Well, sorta, if the admin is really good, configures everything perfectly, uses strong passwords, keeps everything patched, monitors the firewall and connection logs, has a good firewall, etc, etc. So the first poster who said 'NO' is correct, and the second poster who said 'YES' is also correct.