RDP & VPN Gateway Hardening Automation Package!
For more information leave your details (and get our full RDP Hardening Guide!)
When hardening the Remote Desktop Server functionality versus security should be seriously considered. Almost every function enabled can be leveraged into an attack vector. Redirection functionalities can impose a major threat to the network when used by a malicious user, thereby redirection privileges should be considered before enabled.
It is very common to see administrators change configurations to optimize the end-user experience, but often neglect the security aspect of it. Organizations should carefully consider the security of any solutions that involve running a remote access server on the same host as other services and applications.
Such solutions may offer operational benefits, such as equipment cost savings, but a compromise of any one of the services or applications could permit an attacker to compromise the entire remote access server.
Hardening techniques used for securing your common Windows Server infrastructure should be used here. Hardening should be implemented both in the operating system level and at the services level (Citrix, VMWare, VDI).