RDP or VNC Access
A friend recently asked me to explain the difference between the RDP and VNC protocols for remotely accessing a computer.
RDP stands for Remote Desktop Protocol. It is a proprietary protocol built by Microsoft to let users graphically control a remote computer.
VNC stands for Virtual Network Computing. It’s an open, platform-independent graphical desktop sharing system designed to remotely control another computer. There are multiple mutually compatible open source, free and commercial VNC vendors, each offering additional features on top of the basic functions (RealVNC, TightVNC, TurboVNC, UltraVNC, etc).
Both technologies aim for similar goals, though they achieve them in slightly different ways.
This article compares the RDP and VNC communication systems as they appear to the end user, without digging deep into their history and technological details.
The ultimate goal of both protocols is to provide graphical access to a remote computer, displaying the desktop as well as communicating keystrokes and mouse actions. A user operating the local computer actually triggers all events, launches the applications and observes the results on the remote one.
Both technologies use direct peer-to-peer communication. This means that the local user's computer connects directly to the remote computer. If a firewall blocks access to the remote computer, neither technology will work. In this case, access can be established through an intermediary computer (a gateway or jump server): the user connects to it first and then, from this computer, connects remotely to the ultimate destination. This is as opposed to popular screen sharing technologies that require agents on both the local and remote computers to connect to a centrally located server.
Client and Server Side Software
Both RDP and VNC require client side and server side software to support the communication protocol. This software comes pre-installed on some platforms, which makes it easier to set up. For example, almost all versions of Windows have an RDP server pre-installed, while virtually all modern versions include an RDP client. Also, many versions of Linux have a pre-installed VNC server. Mac OS includes an often overlooked VNC client. In all cases the server parts of both technologies have to be configured to enable access and to set up the credentials used to log in.
Desktop vs Computer Access
RDP logs a remote user in to the server computer by effectively creating a real desktop session on the server, including a user profile. It works in the same way as if the user had logged in to the physical server directly. RDP can support multiple remote users logged in to the same server who are completely unaware of each other. This makes RDP a good choice when the same remote server is used by multiple users at the same time.
VNC connects a remote user to the computer itself by sharing its screen, keyboard and mouse. Consequently, when several users (including the one operating the real physical monitor and keyboard) connect to the same server, they see the same thing and they type on the same keyboard. This makes VNC a good choice for technical support, where the remote user can see what the local user does and can take control when needed to help. Popular web-based screen sharing technologies like WebEx or GoToMeeting provide similar kinds of functionality using cloud-based servers to maintain communication. VNC does it using a direct connection.
RDP is inherently a Windows technology on the server side because of its core principle of creating a unique Windows login session for each user of the system. However, there are RDP clients built for multiple desktop and mobile platforms: Windows, Mac OS, iOS, Linux and Android.
VNC supports multiple platforms on the server side, allowing the screens and keyboards of both Windows and Linux computers, including Linux graphical environments, to be shared. This might explain the desire to standardize on VNC to keep access similar across the board.
Use by 3rd Parties
It’s also worth remembering that VNC is an open protocol. There are multiple technologies based on (and sometimes only partially compatible with) this technology, including some of the web-based screen sharing applications. They might claim to have VNC as their primary communication channel. However, they might not support the complete VNC infrastructure with peer-to-peer connectivity and specific client and server side software.
We, at Xton Technologies, recently added support for the VNC protocol. Our Xton Access Manager (XTAM) Privileges Session Management Server requires only a web browser for the remote user to log in to the VNC server. It eliminates the need to install VNC clients on multiple desktop or mobile devices.
XTAM can store credentials for the VNC servers. It can optionally log the user in to the remote computer without even asking the user for credentials, based on the permissions in the XTAM server itself. In addition to that, XTAM can monitor user keystrokes and even record the complete session on the remote computer as video for future learning, sharing or auditing purposes. It provides a simple and secure method of granting access to remote computers in a controlled way. We discuss this situation in our article “Five Ways to Open Root Access for a Remote Contractor”.
This article summarizes the similarities and differences of the RDP and VNC technologies that are essential to understanding and using distributed computing architecture.
What do you think about our assessment? Did we miss some of the key concepts? Please comment on this article. Let’s make the world better connected and more secure – together.