Solved

How to Secure RDP with Aladdin eToken OTP

Posted on 2008-06-26
2
3,219 Views
Last Modified: 2013-11-21
Is there a way to secure RDP sessions using OTP (One-Time Password) from an Aladdin eToken without having to install extra client software?

Our users currently use the Remote Desktop Client over port 80 which is NATed to 3389 at an ISA server to access the corporate LAN - it would be nice to secure the authentication process with a Windows Password+OTP. If there were a way to implement RADIUS authentication with RDP, my problem would be easily solved.

My organization is currently using eToken OTP for VPN and OWA (behind ISA 2004). Unfortunately, Aladdin does not offer an RDP plugin nor do they offer technical support to customers (only partners/distributors).

Aladdin does offer an IIS OTP plugin but it seems that this plugin does not work well.  I would like to avoid implementing the Remote Desktop Web Connection as it requires an Active X plug-in. TightVNC would be a possibility but it does not support SSL.

0
Comment
Question by:Jeremy_in_Japan
2 Comments
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 500 total points
ID: 21973509
What is the worry over using RDP alone? If you have the M$ Terminal Service gateway, users can connect over HTTPS in addtion to RDP.
You can disable the ability of users to check the  "remember password" function in RDP... Also, if users only use 2-3 applications when they are connecting to work, then perhaps RemoteApp is a good solution:
http://technet2.microsoft.com/windowsserver2008/en/library/57995ee7-e204-45a4-bcee-5d1f4a51a09f1033.mspx?mfr=true
-rich

0
 
LVL 3

Author Comment

by:Jeremy_in_Japan
ID: 21973684
Thank you for your comment.

Unfortunately, my organization's requirement is to secure RDP with a one-time password device.

The MS Terminal Service gateway is a nice solution and actually, it does support RADIUS authentication which can be used with Aladdin eToken OTP.

I have decided to go with an SSL-VPN appliance such as SonicWall 2000 or SSL-Explorer. Theses appliances support RADIUS authentication which can be used for OTP authentication for the SSL-VPN Gateway access. Also, Java based as well as Active-X based RDP clients can be used for users that are not on the Windows platform.

You are the only one that replied and your suggestion is close so I will award you the points.

Thank you again for your time.

0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
More Than One Website On Same DMZ Server 3 74
md5 password 3 64
non-domain members are not prompted for credentials 18 43
Impact of disabling SMB v1 on Mac and Linux clients 4 380
Enterprise Password Manager Suites as well as Local Password managers are covered in this article.
February 24, 2017 — On February 23, Travis Ormandy, a vulnerability researcher at Google, reported on Twitter (https://twitter.com/taviso/status/834900838837411840) that massive stores of data have been leaked by CloudFlare, a company that provide…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question