Remote access for Windows system


  • If a user has to access multiple resources, use a remote access VPN

If you must use RDP externally:

  • Use a non-default port instead of TCP port 3389
  • Use a single source address
    • If that's not possible, restrict access to a single ISP
    • If that's not viable, geo-block
  • To protect RDP, use EvlWatcher or RDPGuard; both use Windows Firewall.

EvlWatcher can be configured by editing its config file. The default config is: lockout time 3600 (an hour),
trigger count 5 (number of failed logins), permanent ban after 3 temp bans.

  • Or use Local Security Policy > Account Policies > Account Lockout Policy
  • If RDP must be reachable globally, enroll MFA

duo.com has a solution for RDP MFA. Guide: https://youtu.be/KA9xGt4sqds
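
The port, single-source and account-lockout steps above, applied with built-in Windows tooling. This is an added example, not part of the original notes. The port number and source address are constructed placeholders, the 5-attempt / 60-minute lockout values are an assumption chosen to mirror the EvlWatcher defaults quoted above, and the firewall group name assumes an English-language Windows install.

```powershell
# Added example: run in an elevated PowerShell session on the RDP host.
# Placeholder values (assumptions, not from the page); replace with your own.
$RdpPort       = 50389            # constructed non-default port
$AllowedSource = '203.0.113.10'   # documentation-range address standing in for the single source IP
$RuleName      = 'RDP custom port (single source)'

# 1. Create the scoped allow rule first, so the new port is reachable
#    from the permitted address as soon as the listener moves.
New-NetFirewallRule -DisplayName $RuleName `
    -Direction Inbound -Protocol TCP -LocalPort $RdpPort `
    -RemoteAddress $AllowedSource -Action Allow -Profile Any

# 2. Move the RDP listener off the default TCP 3389.
$rdpTcp = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
Set-ItemProperty -Path $rdpTcp -Name PortNumber -Value $RdpPort -Type DWord

# 3. Disable the built-in Remote Desktop rules, which allow 3389 from any address.
#    The display group name is localized; 'Remote Desktop' is the English name.
Disable-NetFirewallRule -DisplayGroup 'Remote Desktop'

# 4. Account lockout policy (same setting as Local Security Policy >
#    Account Policies > Account Lockout Policy). Durations are in minutes.
#    On a domain-joined host, domain policy takes precedence over this.
net accounts /lockoutthreshold:5 /lockoutduration:60 /lockoutwindow:60

# 5. Restart Remote Desktop Services so the new port takes effect.
#    This drops any RDP session you are currently connected through.
Restart-Service -Name TermService -Force

# Verify: listener port, rule scope, and lockout settings.
(Get-ItemProperty -Path $rdpTcp -Name PortNumber).PortNumber
Get-NetFirewallRule -DisplayName $RuleName | Get-NetFirewallAddressFilter |
    Select-Object RemoteAddress
net accounts
```

Run this from the console or an out-of-band session rather than over RDP, since step 5 disconnects active sessions and a wrong source address in step 1 will lock you out.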

