Understanding Remote Access Security
Updated: April 30, 2010
Applies To: Windows Server 2008, Windows Server 2008 R2
Security is an important part of your VPN remote access server design. The security of a VPN is based on the tunneling and authentication protocols that you use and the level of encryption that you apply to VPN connections. For the highest level of security, use a remote access VPN based on L2TP/IPsec with certificate-based IPsec authentication and Triple-DES for encryption. If you decide to use an SSTP or PPTP-based VPN solution to reduce costs and improve manageability and interoperability, use Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAPv2) as the authentication protocol.