Hardening Remote Desktop Server:

The Remote Desktop Server is one of the components of Microsoft Windows that allow a user to take control of a remote computer or virtual machine over a network connection. User interfaces are displayed from the server onto the client system and input from the client system is transmitted to the server. It is used as a true endpoint for remote access communications.


When hardening the Remote Desktop Server, the trade-off between functionality and security should be seriously considered. Almost every function enabled can be leveraged into an attack vector. Redirection features can pose a major threat to the network when used by a malicious user, so redirection privileges should be considered carefully before they are enabled.
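An audit of which redirection channels are explicitly disabled by policy on a Remote Desktop Server, as an added example that is not part of the original page. It assumes the settings are delivered through the Terminal Services Group Policy registry key; the function name `Get-RdpRedirectionAudit` is hypothetical.

```powershell
# Added example: report the state of each RDP redirection policy value.
# Assumption: redirection is controlled through the Group Policy-backed key below,
# where a value of 1 means the channel is disabled.
$policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'

# Registry value name -> redirection channel it disables when set to 1
$channels = [ordered]@{
    fDisableCdm      = 'Drive redirection'
    fDisableClip     = 'Clipboard redirection'
    fDisableCpm      = 'Printer redirection'
    fDisableCcm      = 'COM port redirection'
    fDisableLPT      = 'LPT port redirection'
    fDisablePNPRedir = 'Plug and Play device redirection'
}

function Get-RdpRedirectionAudit {
    param([string]$Key = $policyKey)

    # A missing key means no Terminal Services policy is configured at all
    $props = if (Test-Path -Path $Key) { Get-ItemProperty -Path $Key } else { $null }

    foreach ($name in $channels.Keys) {
        # A missing value returns $null, which is reported as NotConfigured
        $value = if ($props) { $props.$name } else { $null }
        $state = if ($null -eq $value) { 'NotConfigured' } elseif ($value -eq 1) { 'Disabled' } else { 'Allowed' }

        [pscustomobject]@{
            Channel = $channels[$name]
            Value   = $name
            State   = $state
            # Anything not explicitly disabled should have a documented business reason
            Review  = $state -ne 'Disabled'
        }
    }
}

Get-RdpRedirectionAudit | Format-Table -AutoSize
```

Rows with `Review` set to `True` are the channels to justify or disable before the server is exposed to remote users.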


NIST 800-53 Server Hardening perspective

Hardening VPN Gateways:

VPN gateways generally act as intermediaries between telework devices and the organization’s internal computing resources.

Both VMware and Citrix are services running on Windows Server platforms, so they are subject to the OS attack surface. Having an unhardened OS that is also exposed to remote users is a major security flaw.


It is very common to see administrators change configurations to optimize the end-user experience while neglecting the security aspect of those changes. Organizations should carefully consider the security of any solutions that involve running a remote access server on the same host as other services and applications.
Such solutions may offer operational benefits, such as equipment cost savings, but a compromise of any one of the services or applications could permit an attacker to compromise the entire remote access server.

Placing the remote access server on a separate, dedicated host reduces the likelihood of a remote access server compromise and limits its potential impact.


In addition, the same hardening techniques used for securing your common Windows Server infrastructure should be used here. Hardening should be implemented at both the operating system level and the services level (Citrix, VMware, VDI).


