One of the main issues with any type of remote control product is its reliance on the user to set up proper security. PcAnywhere has some interesting security features in version 10.5, including a mandatory password and the ability to encode host and remote objects -- no code, no connection. The vendor indicates that it can do NT authentication and pcAnywhere authentication (but do not define the algorithm), LDAP, HTTP, HTTPS, FTP, Novel and Active Directory. For encryption: pcAnywhere encryption, Symantec encryption and public key encryption. I am always suspicious of proprietary security algorithms. Public key encryption, of course, can be very good, and there are industry standards.
One of the large issues here is that security must be configured, and administrators must choose and use strong passwords. Some earlier version of this product did not require a password, and many people did not set one. Terminal Services in administrator mode (Remote Desktop Administration on Windows 2003) only allows administrators access and uses Windows integrated authentication (you always needed a password -- but, of course, you could set a blank one). Three encryption levels can be set (including 128-bit encryption post-Windows 2000 SP2). If you wish, you can provide the additional security of using smart cards for Terminal Server access and/or use a VPN to further authenticate, encrypt and manage remote access to your computers.
My preference is to use the tool that I have -- Terminal Services -- but you will need to do some additional evaluation. Cost, as you mention, may weigh high on your list. I don't see any security benefit to using pcAnywhere over Terminal Services, and I do see a large cost difference.
This was first published in February 2003
Join the conversationComment
Share
Comments
Results
Contribute to the conversation