That way a username + Password isn't enough, you will need an authorized authenticator app on your cellphone. Enable Split-tunnel to allow them to use their own internet connections for surfing.Īnother alternative is to enforce MFA (Multi-Factor Authentication) to your terminal server using an app like Duo. If you find yourself having to supply Terminal Server access to BYOD users (their personal computers) I'd suggest you deploy VPN clients from your Firewall and setup a policy that limits the affected users to only being able to access port 3389 on the Terminal Server when connected. A Terminal Server is a great tool for remote workers, but it needs to be protected behind another security vector such as a VPN. Brute forcing passwords against exposed Terminal Servers is still one of the most common vectors for Cryptolocker attacks. ![]() Should I open port 3389 to the web and let my users access it that way? As well as providing access to company file systems and other resources as if the user was located within the building. You can install virtually any application on a Terminal Server including Office, Line of Business apps, etc. Use this thread to share ideas and answer common questions for those now spinning them up in a hurry.Ī Terminal Server is a relative easy method of providing remote access to a large number of users on short notice.Īn RDS server or farm provides a method for remote users to access a controlled and common desktop environment from any device that supports the RDP protocol, include desktops, tablets, Mac, etc. It's like there's a pandemic or something. ![]() ![]() There's been a lot of talk and questions all of a sudden about spinning up Terminal Servers as a remote access method for large sums of users.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |