Who Is This Use Case For?
This use case is for organizations currently using the Microsoft Remote Desktop Gateway (RD Gateway) for RDP connections, but would like a replacement solution that doesn’t suffer from the same limitations.
The Microsoft Remote Desktop Protocol (RDP) should never be exposed directly on the Internet, which is why Microsoft recommends deploying an RD Gateway for secure remote access. However, since the RD Gateway protocol uses Windows authentication (NTLM/Kerberos) over HTTP, external malicious actors can leverage it in brute force and password spraying attacks against Active Directory. Moreover, the RD Gateway degrades performance by tunneling RDP TLS over HTTPS (TLS in TLS) when faster, secure approaches are possible. Last but not least, enforcing MFA on RD Gateway connections is known to be particularly difficult.
Devolutions Gateway, combined with Devolutions Server and Remote Desktop Manager, makes secure, Just-in-Time (JIT) RDP access possible without using RD Gateway. Devolutions Gateway acts as the secure bridge to the internal network, and only accepts connection requests previously authorized by Devolutions Server. The process is transparent for Remote Desktop Manager users, but all sessions are authorized and logged in Devolutions Server for increased visibility.
How It Works
- Download and install Devolutions Server.
- Deploy and configure Devolutions Gateway to be used with Devolutions Server.
- Create or update RDP connection entries in Remote Desktop Manager to use Devolutions Gateway.
Summary of Benefits
- Enhance security: Enforce MFA through Devolutions Server authentication on Devolutions Gateway RDP connections.
- Reduce complexity: Replace heavyweight VPN deployments with simple, lightweight Devolutions Gateway instances.
- Network performance: Tunneling is restricted to RDP connections and doesn’t affect unrelated network traffic, unlike VPN clients.
- Improve visibility: Just-in-Time (JIT) RDP connections make detailed session tracking and auditing possible, unlike VPNs.
Learn more about how Devolutions can help your organization secure remote desktop access:
In the technology world, your use cases are only as effective as the value someone’s deriving from them. That’s why at Devolutions we are doing our best to help you make the right choice with easy to understand use case examples for you and your team for an ideal productive environment. Read more Use Cases