Solved

Is RDP secure enough over Internet  or it it needs IPSEC - Windows Server 2012

Posted on 2016-08-29
3
92 Views
Last Modified: 2016-08-30
Hi Security Experts,
To access server having public IP hosted behind firewall, Is RDP (TCP/3389) secure enough , Or it Required or only recommended to do it Over IPSEC tunnel ?
 Server is Windows Server 2012 and access is from internet.
Regards
0
Comment
Question by:a_hic
3 Comments
 
LVL 12

Expert Comment

by:Benjamin Voglar
ID: 41774385
Opening port 3389 is as secure as (if not more than) HTTPS or non-certificate based VPN, as all traffic is encrypted within the RDP Packets.

Of course, it is necessary to have installed security patches.

http://searchsecurity.techtarget.com/tip/Remote-Desktop-Protocol-security-How-to-secure-RDP-network-endpoints
1
 
LVL 68

Assisted Solution

by:Qlemo
Qlemo earned 250 total points
ID: 41774389
Direct RDP should use high encryption and extended security, then is is safe enough. Changing the public port obfuscates its purpose and adds some more of secuirty.

A VPN allows more features than just RDP - so it is more useful. It also allows to fix the encryption level. In short, IPSec is better, RDP is enough.
1
 
LVL 62

Accepted Solution

by:
btan earned 250 total points
ID: 41774579
RDP is secured by SSL and also NLA, I will say it suffice it is  secure enough for most usage. However, I do want to qualify that statement to remote access is within internal network to the system that are all domain managed via a common AD. For the case of RDP from external network including internet, VPN secured the RDP traffic with hiding of the internal info which SSL and NLA do not. As a whole, the key is to level up the security for remote access with second factor (e.g. smartcard etc) for identity assurance
1

Featured Post

Give your grad a cloud of their own!

With up to 8TB of storage, give your favorite graduate their own personal cloud to centralize all their photos, videos and music in one safe place. They can save, sync and share all their stuff, and automatic photo backup helps free up space on their smartphone and tablet.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now