Legacy VPN a Nightmare? Fed-up with RDP? Is It Slow and Costly?
Try Splashtop instead and support the BYOD World

Watch why Splashtop is a superior remote access alternative to VPN

Are you considering Microsoft RDP (Remote Desktop Protocol) over a VPN to enable employee remote access to Windows and Mac computers? Using RDP alone outside the firewall exposes traffic to security risks – and can make host computers vulnerable to outside attack – so VPN is required. This may seem like an easy or inexpensive choice, but organizations who implement it soon come to realize that this solution is expensive to set up, maintain, hard to scale, cumbersome for employees to use and have lag issues.

Common problems of using legacy remote access means through RDP over a VPN include:

Splashtop offers a RDP / VPN alternative solution that greatly simplifies remote access setup for IT and easy usability for employees/end-users. Splashtop Business Access supports your business continuity plan (BCP), disaster recovery plan (DR), work-from-home initiative (WFH), pandemic policy, telecommuting, and BYOD initiative, enabling employees to stay safe while being productive from anywhere.

Why is Splashtop a Better Choice than Legacy RDP / VPN?

Splashtop Traditional VPN / RDP
Security
Zero Trust Network Access (ZTNA)
Splashtop
Yes (authentication is first established through Splashtop cloud broker, and only after this arms-length authentication is successful, remote user is given access to authorized system).

Gartner’s June 2019 analysis predicts that by 2023, 60% of enterprises will phase out their remote access VPN in favor of Zero Trust Network Access solutions*.

Traditional VPN / RDP
No (too much trust is established between remote device and corporate network, exposing lateral threats, such as ransomware)
Two-Factor Authentication (2FA/MFA)
Splashtop
Yes
Traditional VPN / RDP
Yes, but some MFA features are not free
Device Authentication
Splashtop
Yes
Traditional VPN / RDP
Not available in most VPNs
Infrastructure Update
Splashtop
Yes, automatically updates itself against new threats
Traditional VPN / RDP
Manual and risky. Dept of Homeland Security (DHS) warned, ” As VPNs are 24/7, organizations are less likely to keep them updated with the latest security updates and patches.” (March 13, 2020)
Software Update
Splashtop
Yes, automatic
Traditional VPN / RDP
Need to worry about different versions of VPN client and RDP as well as compatibility issues
SSO
Splashtop
Yes
Traditional VPN / RDP
Yes
Session recording
Splashtop
Yes
Traditional VPN / RDP
No
Disable / Enable file transfer and remote print
Splashtop
Yes
Traditional VPN / RDP
No
Logging and monitoring
Splashtop
Human readable logs
Traditional VPN / RDP
Logs are not human friendly
User Productivity
Ease of Use
Splashtop
Click & connect
Traditional VPN / RDP
No – Painful to setup and use VPN and RDP; VPN can take 20+ seconds to connect, and RDP is often slow.
Can use personal device, supporting BYOD
Splashtop
Yes – Can use any personal device including mobile tablets and phones
Traditional VPN / RDP
No – Need company-issued device to ensure security
Performance
Splashtop
High performance; 3D CAD / CAM capable; 1080p @ 60fps; 4k @ 30fps
Traditional VPN / RDP
Lag & Unable to support 3D CAD / CAM and streaming video & RDP support for MAC is weak
Tools/Utilities
Splashtop
File transfer, lock keyboard/mouse, chat, etc
Traditional VPN / RDP
Limited built-in tools with MS native RDP client
Scalability
On-board thousands of users
Splashtop
Quick & easy (both IT deployed and end user self-provision)
Traditional VPN / RDP
Long and difficult process for IT
Limited by gateway hardware
Splashtop
Not applicable; software based
Traditional VPN / RDP
VPN CPU/memory can overload and needs to be upgraded
Network traffic
Splashtop
Corporate access uses corporate bandwidth. Personal browser uses home bandwidth
Traditional VPN / RDP
Users often forget they are on VPN and all personal traffic (Youtube) are also routing through corporate network, congesting the network. Disabling split-tunneling reduces productivity; enabling split-tunneling increases risk
Any device
Splashtop
Just use any personal device, including tablets, smartphones, Chromebook
Traditional VPN / RDP
Need company issued devices
Set up VPN gateway at each office
Splashtop
Not applicable; software based
Traditional VPN / RDP
Requires setting up & managing VPN gateway for each office
Reliability
Always updated
Splashtop
Yes – Splashtop managed updates
Traditional VPN / RDP
No – always troubleshooting issues, and requires manual updates
Consistent tool across platforms
Splashtop
Yes – Consistent remote access experience across Windows, MAC, and Linux
Traditional VPN / RDP
No – RDP is only Windows friendly
Cost
Splashtop
Cost effective starting at $5 per user per month (volume license discount available
Traditional VPN / RDP
Complex & expensive to setup and manage; manual security updates; requires company-issued device; facing constant user support challenges
Management
Splashtop
Easy user/group management
Traditional VPN / RDP
Need to set up VPN user/group management and also RDP user/group management, resulting in redundent work and difficulty to track/manage
Conclusion
Splashtop
Every user and IT love Splashtop
Traditional VPN / RDP
VPN / RDP setup is hassle for IT and users
man in ball and chain having a RDP over VPN headache

RDP & RD Gateway Vulnerability Risks

On November 5, 2019, The FortiGuard Labs team recommends that customers immediately apply the latest patches from Microsoft for CVE-2019-0708 on any affected machines, and where possible, also disable RDP completely. BLUEKEEP RDP ATTACKS ARE STARTING: https://www.fortinet.com/blog/threat-research/bluekeep-rdp-attacks-starting-patch-now.html.

On September 27, 2018, The Public Service Annoucement (PSA) warned “CYBER ACTORS INCREASINGLY EXPLOIT THE REMOTE DESKTOP PROTOCOL (RDP) TO CONDUCT MALICIOUS ACTIVITY,” outlining issues around outdated RDP versions with flawed encryption mechanism, unrestricted access to the default RDP port (TCP 3389) https://www.ic3.gov/media/2018/180927.aspx

On January 14, 2020, CERT Coordination Center released Vulnerability Note VU#491944 on MICROSOFT WINDOWS REMOTE DESKTOP GATEWAY (RD Gateway) ALLOWS FOR UNAUTHENTICATED REMOTE CODE EXECUTION: https://kb.cert.org/vuls/id/491944/. “Microsoft RD Gateway in Windows Server 2012 and later contain two vulnerabilities that can allow an unauthenticated remote attacker to execute arbitrary code with SYSTEM privileges…. the flaws lie in handling of fragmentation. This vulnerability is exploitable by connecting to the RD Gateway service listening on UDP/3391.”

No more Legacy RDP over VPN hassles! Access your desktops, apps, and files with Splashtop.

Splashtop is designed to give users seamless, secure remote access to their computers from any device, embracing BYOD. With its industry leading remote desktop technology running through a secure SSL (AES-256) tunnel, Splashtop allows users to access their PC and Mac desktops via their Windows, Mac, iOS, Android, or Chromebook devices as if they are sitting in front of their computers or servers. You get all the benefits of RDP/VPN without the issues and complexities mentioned above. Also, it takes only minutes to set up.

Give Splashtop a test drive. No credit card or commitment required to get started.

*Source: https://www.techradar.com/news/best-remote-desktop-software