Remote Access Challenges
April 28th, 2008 @ 7:54 pm
As we become more and more mobile, remote access becomes more and more important. It’s easy for people who have church-issued laptops. We have a Cisco IPSec VPN that works great.
But what about users without laptops who need access to certain apps and services? There are several options available, but I’m not convinced any of them are great:
- Connect to VPN and install apps (Shelby, EMS, etc.) on home computer. Obviously, this is very difficult to support and can be slow.
- Connect to VPN and Remote Desktop to their own computer. I have a couple of users who do this now and it works. Maybe it’s the best way to handle it since once they’re in, the experience is the same as at the office. It usually requires a phone call to walk the user through the RDP setup, but it’s not too bad to deal with.
- Terminal Services gateway. I have reservations about opening any MS product up to the internet. I guess it could be hidden behind an ISA server with RADIUS authentication - we already do this for OWA access to Exchange. Combined with Windows 2008 RemoteApp, this could be a very good option, especially since it wouldn’t require a VPN client. May be a security concern.
- VPN client + RemoteApps - would be easy for the user - I just need to give them a couple of RDP files. What about accessing Word, Excel, etc?
- Cisco WebVPN - this is cool because it allows the user to log into a web interface and access CIFS file shares. A bit of a pain to set up and manage though, and doesn’t really allow for the user to access apps.
- VPN client + terminal server - eliminates need to RDP to a workstation, but user may need apps not available on the terminal server.
At this point, I’m kind of leaning toward just allowing users to RDP into their own workstation over a VPN connection. Anyone have any better ideas?




Derek, just one quick comment. Allowing VPN access, from any system you don’t have lots of control over, is sort of like giving the keys to your building to some guy you met who says he’s a good guy. It opens a very direct pathway into the guts of your network from an unknown outside source. How confident are you of your staff keeping their home machines virus/trojan/whatever free? Do you really want to risk a highly infected machine having direct access to your core?
Of course, the other side of the same coin — if your internal defenses are all as they should be, those risking intruders are not a threat, right?
Comment by Tony Dye — May 2, 2008 @ 9:37 am
[…] made an interesting comment on my Remote Access Post from a few days ago. He has a good point, and I think it’s worth […]
Pingback by Derek Schwab » Blog Archive » Remote Access Followup — May 3, 2008 @ 8:24 pm