Link to home
Start Free TrialLog in
Avatar of lianne143
lianne143Flag for United States of America

asked on

Setting up two factor authentication for Remote desktop services.

Hi

We are having Windows 2012 Remote Desktop services server in our network. Our staff use this service for connecting remotely to our organisation network and access home drives and shared drives.

Will it be possible to implement a 2 factor authentication to make it more secure?
Please post me the step by step tutorials to achieve this functionality.

Or

Are there any 3rd party software to achieve this 2 factor authentication?


Any help much appreciated.
Thanks in advance.
Avatar of Kimputer
Kimputer

Probably the easiest way to implement is, it's like this (obviously, costs money):

https://www.eset.com/us/business/endpoint-security/two-factor-authentication/ 

If you want to save money, doing it yourself, having a VPN is already a second layer of security. If you teach your users to NOT save username/passwords, makes it even more secure. Technically, deploying a solution like ESET (in the link above), is a THIRD layers of security.


ASKER CERTIFIED SOLUTION
Avatar of Rob Williams
Rob Williams
Flag of Canada image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Duo is very quick and easy to setup, so I have heard.

I use Microsoft Azure MFA. The entire buying process of Azure is complicated. For that reason I do not really recommend it. On the plus side, we pay per authentication, not per user. We can provision all of our users, and not worry about paying for users not using it.
As mentioned, both DUO and Microsoft's Multi-Factor Authentication can be integrated into an RD Gateway and each endpoint on the internal network to provide that extra layer of protection.

Both offer excellent documentation on what's needed and how to deploy.
SMS Passcode is an option for 2FA on prem. The RDP Agent is working well.
https://www.entrustdatacard.com/products/categories/sms-passcode