Security under the Remote Desktop Protocol: how to secure RDP computers on the network

Technology

Recent failures in the Remote Desktop Protocol (RDP) have shown deficiencies in accesses through the protocol. In fact, security experts claim that the RDP protocol happens to be used by more than 5 million computers today.

Knowing how to Buy RDP, how RDP works, what it happens to be used for, and how it should be ensured helps administrators improve security systems.

What is RDP?

The remote desktop protocol happens to be a protocol created by Microsoft. It allows the user of the system to connect to a remote system through a graphical interface. The client has agents available on Microsoft systems, although they can also be installed on other developers’ systems such as Apple, various versions of Linux, and some mobile OS such as Android.

The server part of the RDP is installed on a computer with Microsoft OS and receives requests from agents to graphically display the application information, and even offer remote access to the system. By default, the agent attends to requests made on port 3389 from clients that want to connect via RDP.

How is RDP used in business?

Normally, companies configure RDP services or terminal sessions on the servers that clients have installed to be able to connect with them, either for management, remote access or centralized applications. This protocol happens to be also used by administrators to remotely access systems for troubleshooting purposes. This particular feature is the most problematic if not configured properly, as it can cause unauthorized access to company systems.

How to secure RDP

Now that everyone knows what RDP is as well as how it works, let’s check what security employments you need:

Confirm 128-bit encryption in between servers and clients; this encryption use to allow the use of additional resistant keys than the traditional ones. By default, the RDP connection uses 128.bit encryption but the client configuration may be 64 bit.

If the access is made through a network that will extend instead of leaving the port open against possible attacks, it is recommended to create a VPN tunnel to the network as a previous step to using RDP. Even better is to configure a remote desktop gateway that allows HTTPS connections and RDP to create a more secure and encrypted connection at the terminal. These two methods are recommended to avoid having to leave RDP port 339 open at the network edge.

Using firewalls at both the perimeter and the OS to filter incoming requests to approved sources for RDP connections can limit the connectivity of these servers. In particular, there is a group of users that is supposed to only be able to connect to a certain group of servers, so considering them in the firewall rules can partially eliminate this problem.

Check who can create RDP connections to the server. Consider restricting RDP access to specific groups (through policies or manually) rather than allowing anyone to use this system. Limited access use to be always the best option.