CHALLENGE

We currently use XP PRO L2TP/IPSec (machine and user certificates) for our VPN connectivity in conjunction with our ISA 2006 server, which has worked great to date. We’re now planning a migration to Windows 7 systems and looking at the built-in functionality. Does Windows 7 built-in connectivity provide a comparable level of security to the existing VPN setup? If so, are there any best practices or easier methods of deployment? (Our infrastructure is 2003 servers/active directory, and a couple of 2008 servers.)

Topics: Infrastructure, Security

  • Windows 7 supports the same L2TP/IPSec protocols that you're currently using, but with Windows Server 2008, you also have the option of using the Secure Socket Tunneling Protocol (SSTP) to create an SSL-encrypted VPN. Because it works at the application layer of the OSI model and uses port 443, the traffic will pass through most firewalls and NAT devices without any special configuration. SSTP uses Transport Layer Security (TLS), which is the current generation of SSL.

    If you deploy Server 2008 R2, you have even more options, including what Microsoft calls VPN Reconnect (which is IPsec tunnel mode with IKEv2) and DirectAccess. You can read more about all these VPN/remote access solutions in my TechNet article at http://technet.microsoft.com/en-us/security/ff730324.aspx