RDP over Internet Security
That's my opinion, but I need to understand the specifics. Without utilizing a TS Gateway, is data encrypted sufficiently for an over the internet connection? I don't see anywhere to enable encryption from the options tab or do I need to configure that elsewhere? I see comments in various places (I have researched some) that by default remote desktop in Windows 7 uses RC4 128bit encryption, but I'm not sure I'm convinced that to be true if I'm simply enabling remote desktop and does that include encryption of the login/username/password?
I also see there is a registry hack to enable NLA in XP machines which would be handy; first install XP SP3, then edit the registry settings on the XP client machine to allow NLA so one doesn't need to downgrade the authentication required by Windows 7 PCs.
It just seems a little flimsy to me because it's not evident what security is built in to remote desktop in Windows 7 as opposed to previous versions that were not secure enough for use over the internet.