In order to ad a level of security I have created a custom client version that allows me to deny terminal server access to anyone that does not have this version. This works great when not using a VPN to connect.
However I have a situation where I am implementing wyse win terminals which do not support custom clients.
So my question is what other techniques are out there for blocking access to terminal servers. Such as mac address perhaps.