Remote Desktop Services provides access to work environments from any device. This allows us to ensure business continuity in case of disaster. It provides admins more control over access and security. Remote Desktop Services simplifies software updates and compliance management by reducing the need to act on end users devices.
Zscaler Private Access works really well in environments setup for FQDNs and where you know what users should/shouldn't be accessing on what ports. You can use Zscaler Private Access to figure out these kinds of features but that doesn't always mean you'll be correct. It also provides a consistent experience for users as they can access their materials anywhere. It also makes the user the last line of defense. If a user's account is compromised then the attacker has access to everything they already did. It doesn't work great in OT environments or Server based environments. Flows have to be initiated from the client and not the server for stuff to behave properly.
When you connect with RDS, everything looks and feels (and is) exactly like you're sitting at that desktop. This is great for us and for users.
You can sign in with RDS and the desktop will be the same as when you left it (if you choose to set it up that way).
Although they take some setup, RemoteApps are a very handy way to let users access a program without requiring them to actually connect to a remote desktop on the server.
Remote Desktop Services currently does not support multiple monitors on the terminal server. Unlike other applications such as Teamviewer, there's no feature to toggle between multiple screens even if they were connected to the terminal server.
Remote Desktop Services should provide an option to scale up or down the screen size after a connection is established. Currently you can only adjust the screen size prior to a connection is established. So you'll have to take a best guess at what display screen resolution will fit best on your screen.
Remote Desktop Services should offer some kind of menu to send special key strokes like Ctrl+Alt+Del to the terminal server. Currently the substitute for that particular combination is Ctrl+Alt+End. But I have yet to discover a replacement for other combination keystrokes such as Alt+PrintScrn.
Application Segmentation and Listener Configuration - The way applications are defined and listened for is fundamental to ZPA, but can be a source of frustration, especially when dealing with legacy or non-HTTP protocols
The ZCC is the user's primary gateway, but its control over local system network behavior can sometimes clash with enterprise requirements.
The initial setup for Remote Desktop Services is complex, and licensing is costly. Each user connects to their virtual desktop hosted by a single server or group of servers, so a change or issue with servers quickly impacts every single user at the same time. Aside from that, users appreciate seeing their same personal desktop from any device or geographical location.
The environment feels more secure, and we are seeing that users are adapting to it fast. The fact that we have tools to assist the users with their day-to-day access helps, as we can hand it off to the helpdesk without any escalations to the Network team. It is a work in progress for our agency, but we are seeing the benefits from the solution.
As with any Microsoft Server product, support for Remote Desktop Services requires a paid support package. These are license-based and very costly, on top of the already costly product licensing. Microsoft's licensing is complicated to begin with, so setting up licensing alone essentially requires a licensing expert's counsel. There is community documentation and support available on Microsoft websites, as well as community websites.
We selected Remote Desktop Services based upon price alone. Other solutions on the market are significantly more expensive, but if your company can foot the bill you should seriously consider products that have been on the market for longer. The lack of an ability to easily upgrade farm servers has been a challenge for us - although it is still faster than updating an application on 2000+ machines. The lack of a centralized management console in 2008 R2 is also challenging, but you get by with the tools available to you. If you don't have the money to spend on Citrix or VMWare Horizon, Remote Desktop Services is a decent replacement.
Well ZPA is a good solution, however everyone has their own advantage and disadvantages, with ZPA you can deploy ZTNA model, which will help you better control on access, however Palo Alto, Fortinet they are also market leading firewall solution, and you can not deny if they are not providing the same features.
Positive: We have now charged users internally for the service
Negative: Dealing with users who also have the Zscaler Client Connector for their company, can cause confusions
Negative: Enabling the Zscaler Internet Access entitlement has been a major headache for us because Zscaler Private Access users can't autheniticate through ZIA on a non corporate device.
