In case you haven’t noticed – Jack Wallen is a freelance novel writer, and the reason you shouldn’t ask a novel writer about computer networking is the same reason you shouldn’t ask a truck driver about brain surgery.
Just take a look at this fluff piece from April 2011 and marvel at the sheer ridiculousness of the “VPN vs. Terminal Service” premise. Seriously, this dipstick is talking about the two things like they are mutually exclusive to each other. Yeah, I know the OSI model is kind of hard to understand with seven layers of protocols and whatnot, but making stuff up like this in an attempt to offer advice is not just stupid – it’s irresponsible.
Look, Jacko – why not introduce your hapless reader to Automan while you are at it?


Comments
So he thinks a network connection is the same thing as a remote terminal? He does realize that you can actually run remote desktops over a VPN, right?
I don’t see your problem here. For a fictional story, this is pretty good? What’s that you’re saying? It’s not supposed to be fictional?
Well, he’s not just a freelance novelist, he also “has been writing about Linux for nearly ten years”[1]. So, the real question is: wait, no, one question isn’t enough.
1- If he’s a Linux writer, why is he writing about Windows?
2- And why is he writing about Windows 2003? (answer: someone asked him about it)
3- Wait, wait a second. Why is someone asking a Linux writer/novelist about Windows?
I have absolutely no experience with Terminal Services. From looking around, it seems it’s similar to VNC and suchlike. I also have no idea what QuickBooks is, but I’ll assume it’s just a client-server application.
If my above assumptions are accurate, his advice is not totally meaningless (if they are inaccurate, please correct me). From the article:
“Does your terminal server live on a WAN or within a LAN? If there is no public access, then a VPN will be required just to gain access to the machine with the LAN. If there is a machine that has an external IP (or traffic can be routed to that machine from the WAN), then allow those users to have access to a terminal server.”
That answers your “it’s an apples to oranges comparison” argument. He does know what he’s talking about. He’s comparing the following two scenarios:
1- Client program installed on customers’ computers. They connect over VPN to the company’s LAN, then use the client to connect to the server directly.
2- Client program installed on servers in the company. Customers connect to it using Terminal Services and use the program from there. If they get disconnected, the QuickBooks server-client connection doesn’t get severed (which explains this line: “QuickBooks might be one of the most sensitive applications I have ever worked with. The slightest hiccup in a network can cause a lost connection with the data server, and it can also cause data loss or corruption”).
Again, please correct me if I’m wildly wrong.
[1] http://www.linux.com/community/profile?userid=93
“If my above assumptions are accurate, his advice is not totally meaningless (if they are inaccurate, please correct me).”
Here’s the thing:
1) The Windows Server series provides at least two encrypted VPN protocols natively – PPTP and L2TP.
2) None of these are in fact necessary anyway since Windows Server also provides a service known as “TS Gateway”, which enables you to serve RDP from your Server box through an untrusted network (e.g. the Internet) via port forwarding from your NAT.
3) With or without security in question, all that a VPN does is simply encapsulate traffic between two hosts within a VPN-specific packet format, and a VPN connection can take place completely unencrypted.
4) VPN also implies that either side of the connection will need to provide some form of routing or bridging. Without it, there will be no connection.
5) This also means that you will need to rework your network layout to include the presence of VPN – a more or less pointless exercise if the only thing you want to deploy at the end of the day is just TS Gateway.
6) RDP per se does not transfer data between two hosts (unless you also happen to be running CIFS i.e. remote mounting inside it). A severed RDP connection simply means that you won’t be able to see what’s going on with your login session. The login session is still live regardless of the presence of an RDP connection.
7) Access to individual applications is yet another completely different ball game to RDP. Since I don’t manage Windows servers for a living, I won’t embarrass myself by elaborating too much on it.
8) I must admit I more or less misread Wallen’s fluff piece, but given the amount of irrelevance he has managed to squeeze into the first paragraph, it still seems to me that whatever follows is just post-Googling afterthoughts, and I doubt that, without knowing precisely what VPN and RDP actually are (as in your case), you can make much sense out of this man’s rambling anyway.
I am willing to take back my “mutually exclusive” accusation, but, overall, my argument that Wallen is a hack still stands.
On the other hand, if his chum wants to use QuickBooks over a remote connection to a Win2K server, wouldn’t that imply the use of terminal services anyway (over any damn connection protocol you want)? I’m fairly certain it won’t work without a terminal session. And Terminal Services are (mostly) persistent over RDP – well mine is very spotty, but it’s run by MS Network Admins, what do you expect? – so his answer is inane in any case. Just log in again. And why is QuickBooks so spectacularly fragile? (It corrupts data? Wow, some accounting package that is.)
And why would anybody run QuickBooks on a server rather than on a local desktop? (Oh, I know, Loon cheapskatery.) Isn’t there a Web interface for this sort of use scenario?
And if you really need to deploy a common-or-garden Windows app from a server, wouldn’t App-V be a more appropriate solution?
And, and, and … is this the worst-ever piece of advice ever given out on how to run something in Windows, or what?