Best RDP & VPN Alternative 2024
Splashtop is a high-performance alternative to your RDP/VPN infrastructure
Is Legacy VPN a Nightmare? Fed Up With Slow and Expensive RDP?
Try Splashtop Instead and Support BYOD! Considering Microsoft RDP (Remote Desktop Protocol) over a VPN to enable employee remote access to Windows and Mac computers? Using RDP alone outside the firewall exposes traffic to security risks – and can make host computers vulnerable to outside attack – so VPN is required.
This may seem like the easy or inexpensive choice, but organizations who implement it soon come to realize that this solution is expensive to set up and maintain, hard to scale, and cumbersome for employees to use, not to mention the lag issues.
Challenges of Using Legacy Remote Access with RDP Over VPN
- Increased security risk (especially with the BYOD trend where 60% of employees use a smartphone for work)
- Difficulty setting up, maintaining, and scaling for more users
- Poor user experience with connectivity and lag issues
Upgrade to a Next Generation RDP & VPN Replacement: Splashtop
Splashtop offers an alternative solution to RDP and VPN which is easy for employees to use and simplifies remote access setup for IT. Splashtop Business Access supports your business continuity plan (BCP), disaster recovery plan (DR), work-from-home initiative (WFH), pandemic policy, telecommuting and BYOD initiative, enabling employees to stay safe while being productive from anywhere.
Watch why Splashtop is a superior remote access alternative to VPN (virtual private network).
Why is Splashtop a Better Alternative to Legacy RDP & VPN?
Splashtop | Traditional VPN / RDP | |
|---|---|---|
Security | ||
Zero Trust Network Access (ZTNA) | Yes (authentication is first established through Splashtop cloud broker, and only after this arms-length authentication is successful, the remote user is given access to the authorized system). Gartner’s June 2019 analysis predicts that by 2023, 60% of enterprises will phase out their remote access VPN in favor of Zero Trust Network Access solutions*. | No (too much trust is established between the remote device and corporate network, exposing lateral threats, such as ransomware) |
Two-Factor Authentication (2FA/MFA) | Yes | Yes, but some MFA features are not free |
Device Authentication | Yes | Not available in most VPN solutions |
Infrastructure Update | Yes, automatically updates itself against new threats | Manual and risky. Dept of Homeland Security (DHS) warned, "As VPNs are 24/7, organizations are less likely to keep them updated with the latest security updates and patches.” (March 13, 2020) |
Software Update | Yes, automatic | Need to worry about different versions of VPN client and RDP as well as compatibility issues |
SSO | Yes | Yes |
Session recording | Yes | No |
Disable / Enable file transfer and remote print | Yes | No |
Logging and monitoring | Human readable logs | Logs are not human friendly |
User Productivity | ||
Ease of Use | Click & connect – fast remote connections | No – Painful to setup and use VPN and RDP; VPN can take 20+ seconds to connect, and RDP is often slow. |
Can use personal device, supporting BYOD | Yes – Can use any personal device including mobile tablets and phones | No – Need company-issued device to ensure security |
Performance | High performance; 3D CAD / CAM capable; 1080p @ 60fps; 4k @ 30fps | Lag & Unable to support 3D CAD / CAM and streaming video & RDP support for MAC is weak |
Tools/Utilities | File transfer, lock keyboard/mouse, chat, etc | Limited built-in tools with MS native RDP client |
Scalability | ||
On-board thousands of users | Quick & easy (both IT deployed and end user self-provision) | Long and difficult process for IT |
Limited by gateway hardware | Not applicable; software based | VPN CPU/memory can overload and needs to be upgraded |
Network traffic | Corporate access uses corporate bandwidth. Personal browser uses home bandwidth. | Users often forget they are on VPN and all personal traffic (Youtube) are also routed through the corporate network, congesting the network. Disabling split-tunneling reduces productivity; enabling split-tunneling increases risk. |
Any device | Just use any personal device, including tablets, smartphones, Chromebook | Need company-issued devices |
Set up VPN gateway at each office | Not applicable; software-based | Requires setting up & managing VPN gateway for each office |
Reliability | ||
Always updated | Yes – Splashtop managed updates | No – always troubleshooting issues, and requires manual updates |
Consistent tool across platforms | Yes – Consistent remote access experience across Windows, MAC, and Linux operating systems | No – RDP is only Windows friendly |
Cost | Cost effective starting at $5 per user per month (volume license discount available) | Complex & expensive to setup and manage; manual security updates; requires company-issued device; facing constant user support challenges |
Management | Easy user/group management | Need to set up VPN user/group management and also RDP user/group management, resulting in redundant work and difficulty to track/manage |
Conclusion | End-users and IT love Splashtop | VPN / RDP setup is a hassle for IT and users |
*Source: https://www.techradar.com/news/best-remote-desktop-software
Still Need RDP?
Use Splashtop Connector to remotely access computers and servers through Splashtop without using VPN or installing a remote access agent. See our Splashtop Connector vs RDP & VPN comparison for more information.
RDP & RD Gateway Vulnerability Risks
On November 5, 2019, The FortiGuard Labs team recommends that customers immediately apply the latest patches from Microsoft for CVE-2019-0708 on any affected machines, and where possible, also disable RDP completely. BLUEKEEP RDP ATTACKS ARE STARTING: https://www.fortinet.com/blog/threat-research/bluekeep-rdp-attacks-starting-patch-now.html.
On September 27, 2018, The Public Service Annoucement (PSA) warned “CYBER ACTORS INCREASINGLY EXPLOIT THE REMOTE DESKTOP PROTOCOL (RDP) TO CONDUCT MALICIOUS ACTIVITY,” outlining issues around outdated RDP versions with flawed encryption mechanism, unrestricted access to the default RDP port (TCP 3389) https://www.ic3.gov/media/2018/180927.aspx
On January 14, 2020, CERT Coordination Center released Vulnerability Note VU#491944 on MICROSOFT WINDOWS REMOTE DESKTOP GATEWAY (RD Gateway) ALLOWS FOR UNAUTHENTICATED REMOTE CODE EXECUTION: https://kb.cert.org/vuls/id/491944/. “Microsoft RD Gateway in Windows Server 2012 and later contain two vulnerabilities that can allow an unauthenticated remote attacker to execute arbitrary code with SYSTEM privileges…. the flaws lie in handling of fragmentation. This vulnerability is exploitable by connecting to the RD Gateway service listening on UDP/3391.”
No More Legacy RDP Over VPN Hassles! Access Your Desktops, Apps, and Files With Splashtop
Splashtop is designed to give users seamless, secure remote access to their computers from any device, embracing BYOD. With its industry-leading remote desktop technology running through a secure SSL (AES-256) tunnel, Splashtop allows users to access their PC and Mac desktops via their Windows, Mac, iOS, Android, or Chromebook devices as if they are sitting in front of their computers or servers. You get all the benefits of RDP and VPN without the issues and complexities mentioned above. Also, it takes only minutes to set up.