Who is this use case for?
This use case is for organizations currently using a VPN for RDP connections, but would like to get rid of the VPN requirement for secure remote desktop access.
The problem
The Microsoft Remote Desktop Protocol (RDP) should never be exposed directly on the Internet, which is why VPNs are frequently used for RDP connections. However, VPN servers are too difficult to deploy, and VPN clients degrade network performance by tunneling all traffic through the private network. While the cost/benefit ratio of a VPN is acceptable for large corporate networks, it is not suitable for small, isolated networks. Simply put, VPNs are a general-purpose solution applied to a specific problem (RDP), making them heavyweight and ill-suited for the job.
The solution
Devolutions Gateway, combined with Devolutions Server and Remote Desktop Manager, makes secure, Just-in-Time (JIT) RDP access possible without using a VPN. Devolutions Gateway acts as the secure bridge to the internal network, and it only accepts connection requests previously authorized by Devolutions Server. The process is transparent for Remote Desktop Manager users, but all sessions are authorized and logged in Devolutions Server for increased visibility.
How it works
- Download and install Devolutions Server.
- Deploy and configure Devolutions Gateway to be used with Devolutions Server.
- Create or update RDP connection entries in Remote Desktop Manager to use Devolutions Gateway.
Summary of benefits
- Enhance security: Enforce MFA through Devolutions Server authentication on Devolutions Gateway RDP connections.
- Reduce complexity: Replace heavyweight VPN deployments with simple, lightweight Devolutions Gateway instances.
- Network performance: Tunneling is restricted to RDP connections and doesn’t affect unrelated network traffic, unlike VPN clients.
- Improve visibility: Just-in-Time (JIT) RDP connections make detailed session tracking and auditing possible, unlike VPNs.