This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(284.8, 27%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFC%3C/text%3E%3C/svg%3E)
Hi all,
Inside company we have completed a vulnerability assessment.
I have this vulnerability:
"TLS Version 1.0 Protocol Detection"
All physical servers and virtual machine inside company are Windows Server 2016 DataCenter and they has got the last Windows Updates.
How can I solve it about RDP?
Is it possible disable TLS 1.0 for RDP using GPO?
I would improve security on company servers.
Thanks so much
Best regards
Federico
Any suggestions?
I have followed this video to increase security of terminal server:
https://www.youtube.com/watch?v=nyBOJwvUaKQ
Thanks
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(9.6, 2%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFC%3C/text%3E%3C/svg%3E)
Dear @Vicky Wang ,
Thanks for your answare.
Sorry but I did not found tsconfig.msc on my Windows Server 2016 Terminal Server.
Is it normal?
Best regards
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(192, 39%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVG%3C/text%3E%3C/svg%3E)
This is normal, this console is demote in new versions.
Greetings.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 28.999999999999996%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVW%3C/text%3E%3C/svg%3E)
Hi,
According to my knowledge, there is no GPO that can disable the terminal server
Best wishes
Vicky
Can anyone suggest me properly GPO to set to disable TLS 1.0 on different servers?
Not servers are Terminal Server (just one at the moment).
Thanks
Federico
Hi,
thanks for you reply.
@Thameur-BOURBITA Ok, so I will disable TLS 1.0 for all system and not just for RDP.
@Vicky Wang Sorry but I did not understood which is the right option about "Remote Desktop Session Host Configuration"
I would generally disable TLS 1.0 to improve security in my LAN where there are differente Windows Server 2016 VM (Domain Controllers, File Server, Print server...)
Can I create a group policy to disable it on different machines?
Thanks so much
Federico