<div>
You can also look at blocking access to the Terminal Server from the Internet altogether and force external users to connect via VPN first before they can log into the TS.
</div>


You can also look at blocking access to the Terminal Server from the Internet altogether and force external users to connect via VPN first before they can log into the TS.

<div>
Multi-factor Authentication. Things like smartcards, PIN FOBs, Fingerprint scanners. All fall under the MFA umbrella. For the SMB, SMS or smartphone apps are my current recommended options. Inexpensive and easy.
</div>


Multi-factor Authentication. Things like smartcards, PIN FOBs, Fingerprint scanners. All fall under the MFA umbrella. For the SMB, SMS or smartphone apps are my current recommended options. Inexpensive and easy.

<div>
Cliff, any cost effective options?
</div>


<div>
<a href="http://azure.microsoft.com/en-us/pricing/details/multi-factor-authentication/" rel="ugc">PhoneFactor</a> - Per user &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;$1.40 per month (unlimited authentications) or Per authentication &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;$1.40 per 10 authentications<br />
, Google Authenticator
</div>


PhoneFactor [http://azure.microsoft.com/en-us/pricing/details/multi-factor-authentication/] - Per user       $1.40 per month (unlimited authentications) or Per authentication       $1.40 per 10 authentications
, Google Authenticator

<div>
Which is the easiest to setup and sync with AD?
</div>


Which is the easiest to setup and sync with AD?

<div>
Azure MFA or Azure AD premium are very easy to set up and directory syncing is a key component of Azure AD.
</div>


Azure MFA or Azure AD premium are very easy to set up and directory syncing is a key component of Azure AD.

<div>
Do i have to an Azure cloud server?
</div>


<div>
No. You have to have an Azure account, but Azure has many services, not just virtual machines. Azure AD and MFA are their own products and don't require any VMs.
</div>


No. You have to have an Azure account, but Azure has many services, not just virtual machines. Azure AD and MFA are their own products and don't require any VMs.

<div>
<div class="content wysiwyg-content">
Hey guys,<br />
<br />
We have a bunch of terminal servers behind our gateway. Now, we have users from random places who connect.<br />
<br />
How can i secure it against threats/hacks sinces it kind of &quot;open&quot;
</div>
</div>


Hey guys,

We have a bunch of terminal servers behind our gateway. Now, we have users from random places who connect.

How can i secure it against threats/hacks sinces it kind of "open"

Terminal Server Security

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.

Windows Server 2008

The Microsoft Server topic includes all of the legacy versions of the operating system, including the Windows NT 3.1, NT 3.5, NT 4.0 and Windows 2000 and Windows Home Server versions.

Microsoft Server OS

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.