This is a video of a breakout session from BriForum Europe 2007, presented by Thorsten Rood.
Session Description: A typical out-of-the-box installation for Terminalservices Web Access and Gateway relies on username and password – for most companies (even SMB) this may be a significant "no-go" criteria and a showstopper in terms of expanding terminalservices usage to remote devices and B2B scenarios. This session will update you with the architectural changes and minimum requirements to fully secure Terminalservices remote access with OneTime-Password solutions (like RSA secured or other token-based vendors). This is a high-level session that covers all needed components, starting with new modules introduced by Windows Server 2008 and ending up in Microsoft ISA Server 2006. We'll also compare this architecture to alternates like Citrix Access Gateway. Basic understanding on PKI/SSL is required.