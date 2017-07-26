Home Security Microsoft: Securing RDP with IPSec

Microsoft: Securing RDP with IPSec

Microsoft: Securing RDP with IPSec
Hi Everyone, this is Jerry Devore back with a follow-up topic from my previous post on Privileged Administrative Workstations (PAW) which is a hardened device configuration used to protect privileged credentials. In that post, I mentioned that it is possible to use IPsec to ensure an admin can only make a RDP connection to Tier 0 devices (domain controllers) from a PAW. By imposing this restriction, we limit the risk of exposing highly privileged credentials to a keyboard logger on a less trusted system such as an administrator’s standard workstation. An additional benefit is that we restrict how stolen credentials can be used unless an administrator’s PAW is also acquired.

Why IPSec?

When I explain this concept to customers I am often asked why not simply use firewall rules and avoid the complexity of IPsec. If your PAWs are going to always have the same IP address you could implement a firewall rule which restricts port TCP 3389 to a defined list source IP addresses. However, for most organizations the PAW is somewhat portable. Therefore, we need to combine firewall rules with the authentication protocols in IPsec which allows us to build “identity based firewall rules”.

Getting Started

If you have ever tried to get your head around Microsoft’s implementation of IPsec you know the learning curve can be steep. My goal in this post is not to make you an IPsec expert but rather help you quickly understand one way it can be used to improve your security posture. To get started, lets cover some basic concepts:

Read the entire article here, Securing RDP with IPSec | Ask Premier Field Engineering (PFE) Platforms

via the fine folks at Microsoft.

Security
Microsoft
Microsoft Founded in 1975, Microsoft (Nasdaq “MSFT”) is the worldwide leader in software, services, devices and solutions that help people and businesses realize their full potential.
