Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
CSmoore
Viewer
‎07-10-2019 11:23 AM
‎07-10-2019 11:23 AM

Best Practices for RDP over clientless VPN

Hi All,

 

I'm looking at implementing a clientless VPN solution that would allow my users to access specific internal resources through a secure web portal. One of the possibilities that really intrigues me is hosting an RDP session for my users to be able access one of our application servers. The idea being I don't have to worry as much about the state of their client machine when off premises, and don't have to provide a full VPN solution and all its headaches for one service.

 

However of the two solutions I've looked at they both require a pre-configured username and password to authenticate to the server. This would essentially allow any of the accounts I grant access to this service the same rights as what ever account I assign, and I'd lose any sort accountability.

 

I've tried some Google-fu but can't seem to find any best practices or use cases for this type of setup. Was hoping someone here could provide me some resources on how to properly secure RDP over a clientless VPN.

 

Thanks 

Reply
0 Kudos
1 Reply
denbesten
Community Champion
‎07-10-2019 06:12 PM
‎07-10-2019 06:12 PM

Look for SAML (M$ calls this ADFS) or RADIUS support.  That is the key for being able to leverage a more capable service (e.g. one that supports MFA) and for minimizing the number of password databases in your life.

Reply
0 Kudos