ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Securing RDP sessions

    IT Discussion
    4
    16
    3.2k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      technobabble
      last edited by

      A client is moving their hardware to a data center. I would like to secure the RDP sessions. Right now there are about 50 RDP users that login over the internet. I have seen people posting about using Petrino and RDP together. Is there anything else I need?

      1 Reply Last reply Reply Quote 0
      • S
        scottalanmiller
        last edited by

        Pertino will handle all of the securing of the RDP if Pertinos approach works for you. It's a full mesh, no open ports VPN so it covers a lot of bases there.

        1 Reply Last reply Reply Quote 0
        • T
          technobabble
          last edited by

          So by using Pertino, I would not need a hardware VPN? And how vulnerable is RDP without VPN?

          S 1 Reply Last reply Reply Quote 0
          • S
            scottalanmiller
            last edited by

            RDP is a medium risk. It's secure but not super secure. The attacks aren't in the channel but on the setup of the connection.

            There are definitely cases where you would not further secure it. But it is generally recommended to do something more. I tend to lean to the "less secure" approach for SMBs because they don't get targeted attacks. But you will be attacked big time on the open ports.

            1 Reply Last reply Reply Quote 0
            • S
              scottalanmiller @technobabble
              last edited by

              @technobabble said:

              So by using Pertino, I would not need a hardware VPN?

              Correct. Pertino is a full VPN on its own. No need for hardware. It's a full mesh and has no need of hardware. Hardware is for when you do an aggregator rather than a mesh.

              1 Reply Last reply Reply Quote 0
              • T
                technobabble
                last edited by

                40 of the users are contracted workers or doctors offices, would that sway you to add Pertino?

                S 1 Reply Last reply Reply Quote 0
                • S
                  scottalanmiller @technobabble
                  last edited by

                  @technobabble said:

                  40 of the users are contracted workers or doctors offices, would that sway you to add Pertino?

                  Depends on your architectural goals long term. But Pertino is nice in a situation like that because it is so easy to disable machines once they are no longer needed. Outside workers can manage their own connections but you get a central web console so that you can check on who has access, who is online, etc.

                  1 Reply Last reply Reply Quote 0
                  • N
                    Nara
                    last edited by

                    What are the users RDPing into, exactly?

                    1 Reply Last reply Reply Quote 0
                    • T
                      technobabble
                      last edited by

                      Server desktops to use a Medical Billing program and scheduler.

                      S N 2 Replies Last reply Reply Quote 0
                      • S
                        scottalanmiller @technobabble
                        last edited by

                        @technobabble said:

                        Server desktops to use a Medical Billing program and scheduler.

                        I would probably want to secure that a bit. Pertino or OpenVPN or whatever is a pretty minimal cost and effort for a lot of peace of mind.

                        1 Reply Last reply Reply Quote 0
                        • T
                          technobabble
                          last edited by

                          Thanks @scottalanmiller and others. I will add it to my list of must haves for this client.

                          1 Reply Last reply Reply Quote 0
                          • J
                            Josh Vendor
                            last edited by

                            SAM hit the nail on the head. We can secure the RDP sessions for you. The management console should make it easier to manage contractor sessions, especially compared to port-forwarding/opening for RDP or even traditional VPN.

                            If you haven't set up a Pertino network yet, definitely check it out. I'd want to make sure the topology matches what you had in mind. If you have any additional questions, you can get me at jgrose@pertino.com.

                            Thanks guys,

                            Josh

                            1 Reply Last reply Reply Quote 0
                            • N
                              Nara @technobabble
                              last edited by

                              @technobabble said:

                              Server desktops to use a Medical Billing program and scheduler.

                              Are they servers, or are they desktops? Is it a 1:1 ratio VMs to users, or is it shared, like RDS?

                              1 Reply Last reply Reply Quote 0
                              • T
                                technobabble
                                last edited by

                                @Nara
                                RDS

                                N 1 Reply Last reply Reply Quote 0
                                • S
                                  scottalanmiller
                                  last edited by

                                  You could put Pertino only on the RDS server and on the machines that connect to it. Very simple setup.

                                  1 Reply Last reply Reply Quote 1
                                  • N
                                    Nara @technobabble
                                    last edited by

                                    @technobabble said:

                                    @Nara
                                    RDS

                                    In that case, why not an RDS Gateway? Combine it with RD Web Access, and you have an easy portal for users to access their RDS sessions with while still keeping things secure.

                                    1 Reply Last reply Reply Quote 0
                                    • 1 / 1
                                    • First post
                                      Last post