<div>
It certainly weakens your security footprint. So deepening on your corporate policies, any government regulations, or other regulations (such as credit card PCI compliance) this could indeed put yo out of compliance and therefore be an issue for you. But that is inherently unique to your individual requirements and circumstances. There is no universal &quot;right&quot; answer.
</div>


<div>
<div class="content wysiwyg-content">
In the Windows 2012 RDS farm that we setup, the session collection security settings has the attached by default. <br />
<br />
A piece of 3rd party software that we use leverages the RDP connection which is not working. &nbsp;The software vendor wants us to change the &quot;Security Layer&quot; to &quot;RDP Security Layer&quot; instead of the default setting &quot;Negotiate&quot; and want us to uncheck the &quot;Allow connections only from computers running remote desktop with network level authentication&quot;. &nbsp;<br />
<br />
I am not sure if these settings will cause security issue. &nbsp;Please advise if you see a potential issue. <br />
<br />
Thanks.<br />
<a href="https://filedb.experts-exchange.com/incoming/2016/08_w33/1110657/RDP-security.png" target="_blank" class="file-inline" title="session collection security setting (38 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>RDP-security.png</a>
</div>
</div>


RDP-security.png

In the Windows 2012 RDS farm that we setup, the session collection security settings has the attached by default. 

A piece of 3rd party software that we use leverages the RDP connection which is not working.  The software vendor wants us to change the "Security Layer" to "RDP Security Layer" instead of the default setting "Negotiate" and want us to uncheck the "Allow connections only from computers running remote desktop with network level authentication".  

I am not sure if these settings will cause security issue.  Please advise if you see a potential issue. 

Thanks.

Windows 2012 session collection security.

Windows Server 2012 is the server version of Windows 8 and the successor to Windows Server 2008 R2. Windows Server 2012 is the first version of Windows Server to have no support for Itanium-based computers since Windows NT 4.0. Windows Server 2012, now in its second release (Windows Server 2012 Release 2) includes Foundation, Essentials, Standard and Datacenter, and does not support IA-32 or IA-64 processors.

Windows Server 2012

Operating system security (OS security) is the process of ensuring OS integrity, confidentiality and availability. OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised, including authentication, passwords and threats to systems and programs.

OS Security

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.