Disable remote access tools traffic

Majid 26 Reputation points
2020-10-07T14:53:12.16+00:00

Hi everybody

I am going to block any remote access across my company except RDP and TeamViewer for all users by enforcing a policy on the server or in Active Directory. In other words, I want to disable any remote access traffic except my whitelist. What is the best solution to do so?


3 answers

  1. Jenny Yan-MSFT 9,321 Reputation points
    2020-10-08T06:22:17.457+00:00

    Hi,
    >>I want to disable any remote access traffic except my whitelist
    I am afraid this is not possible, since the server cannot tell which application is used when receiving a remote session.
    You could consider restricting the applications installed on the client PC so that only the mentioned RDP tools can be installed.

    In general, rules can be configured in the firewall of the target computer to restrict remote connections from specific IP addresses.

    Hope this clarifies and please help to accept as Answer if the response is useful.

    Thanks,
    Jenny


  2. TimCerling(ret) 1,156 Reputation points
    2020-10-08T14:20:37.387+00:00

    You can create a Windows Firewall rule to block access by port number, and the rule can contain ranges or lists. This means you have to know which ports you want to remain open so you can block everything else. It would be easier to manage to break this into several rules instead of trying to build a monster rule containing everything, and there are nearly 65,000 ports to consider.

    Of course, that does not prevent an attack coming over a known port, such as a port for RDP or FTP or any of the many other ports that you will have open for general operations.

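One way to generate the several smaller block rules described in the answer above, as an added example that is not part of the thread: the function computes the port ranges left over once an allow-list is removed and creates one inbound block rule per range. The allow-list values, the function name `Get-BlockedPortRange` and the group name `RemoteAccessAllowList` are assumptions made for illustration.

```powershell
# Added example, not from the thread. The ports are assumptions: 3389 is the
# RDP default and 5938 the TeamViewer default. Extend the list with every port
# the machine needs for general operations before applying anything.
$AllowedTcpPorts = 3389, 5938

function Get-BlockedPortRange {
    # Complement of the allow-list within 1-65535, as "low-high" strings.
    param([int[]]$Allowed)
    $next = 1
    foreach ($p in ($Allowed | Sort-Object -Unique)) {
        if ($p -gt $next) {
            if (($p - 1) -eq $next) { "$next" } else { "$next-$($p - 1)" }
        }
        $next = $p + 1
    }
    if ($next -eq 65535) { '65535' }
    elseif ($next -lt 65535) { "$next-65535" }
}

# One block rule per gap, all in one group so they can be reviewed or removed
# together. Windows Firewall block rules win over allow rules, so a port missing
# from the allow-list stays blocked even if another allow rule exists for it.
foreach ($range in (Get-BlockedPortRange -Allowed $AllowedTcpPorts)) {
    New-NetFirewallRule `
        -DisplayName "Block inbound TCP $range" `
        -Group 'RemoteAccessAllowList' `
        -Direction Inbound -Action Block `
        -Protocol TCP -LocalPort $range `
        -Profile Any -WhatIf   # drop -WhatIf to create the rules
}

# After creating the rules (without -WhatIf), review them:
Get-NetFirewallRule -Group 'RemoteAccessAllowList' |
    Format-Table DisplayName, Direction, Action, Enabled
```

The rules cover inbound TCP only; a second pass with `-Protocol UDP` would be needed for UDP ports.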

  3. Jenny Yan-MSFT 9,321 Reputation points
    2020-10-16T07:42:08.387+00:00

    Hi,
    Have you checked the suggestion provided by Tim above? From an RDS perspective, Remote Desktop Gateway is a role that provides secure remote connections, which are encrypted using SSL, and it can combine RAP and CAP to restrict the accessible resources and groups.

    I also found another document for your reference:
    How To Secure Microsoft Remote Desktop Protocol (RDP) and Remote Desktop Services (RDS)
    https://www.trugrid.com/blogs/how-to-secure-rds
    Please Note: Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.


    Hope this helps and please help to accept as Answer if the response is useful.

    Thanks,
    Jenny
