SlideShare a Scribd company logo

Rds infrastructure is the gateway to network

Suman Singh, profile picture
Suman Singh

RDS infrastructure provides remote access to network resources and cloud servers, but is often neglected from a security perspective. It is critical to develop a secure RDS environment since it acts as the gateway to the entire infrastructure. Standard practices like using non-default ports, multi-factor authentication, firewalls, and monitoring with tools like OMS can help protect the network by restricting unauthorized access through RDS. Monitoring results showed multiple fake accounts and IPs attempting unauthorized access.

Design
1 of 3
Download to read offline
1
2
3
RDS infrastructure is the Gateway to network-Take it seriously. Suman B. Singh RDS (Remote Desktop Service) solutions is the most neglected bit in infrastructure design BUT it will be one of the sensitive component in upcomingcloud trend. "We just need RDS servers to install and run some business applications and must be accessible over internet to provide mobility."This is the very common practice that we come across.While world is adopting cloud then obviously no need to visit physical data centers to perform day to day activities so accessing servers remotelyis the onlyway to manage infrastructure. It becomes very important to developsecure RDSenvironment to access anycloud infrastructure because this is the gateway to complete infrastructure. Installing and configuring RDS role will allow user to access servers remotely but same time it opens backdoor to break into cloud infrastructure. Well-known ports like 3389 and easily traceable and one can use brute force to gain access to network. A secure RDS solution must be implemented to access servers remotelyto make sure networkis protected. Below mentioned steps can be taken as standard practice that can be used to protect infrastructure. 1. Use multitier infrastructureapproach,Enable NACL 2. Don’t use default RDP. Use random ports to provide access 3. Configure RDS Gateway and Azure application proxy to protect RDS Session Host servers’ identities 4. Use SSL 5. Implement multi-layerofsecurity (MFA/Firewalls/UDR) 6. Disable default users 7. Use App-Locker Results were surprisingwhen all cloud servers were monitored usingOMS suit.
Figure 1: OMS in action. Showing fake accounts attempted to access the network. Figure 2: Unauthorized Logon Attempts using 3389
Figure 3: IPs generating attacks Figure 4: Top Targeted Accounts

More Related Content

PPTX
vArmour - Securing the Modern Data Centre
Infront
 
PDF
CloudSmartz Disaster Recovery [Use Case] | Smarter Transformation
CloudSmartz
 
PDF
Distributech_Presentation DTECH_2013
Dorian Hernandez
 
PPT
Proactive Security That Works
Brett L. Scott
 
DOCX
Windows and linux
Lahore Garrison University
 
PDF
QNAP Netvox IoT solution
Anderson Cheng
 
PDF
Chris Swan's CloudExpo Europe presentation "The networking declaration of ind...
Cohesive Networks
 
PPTX
Midokura Enterprise MidoNet Overview
Midokura
 
vArmour - Securing the Modern Data Centre
Infront
 
CloudSmartz Disaster Recovery [Use Case] | Smarter Transformation
CloudSmartz
 
Distributech_Presentation DTECH_2013
Dorian Hernandez
 
Proactive Security That Works
Brett L. Scott
 
Windows and linux
Lahore Garrison University
 
QNAP Netvox IoT solution
Anderson Cheng
 
Chris Swan's CloudExpo Europe presentation "The networking declaration of ind...
Cohesive Networks
 
Midokura Enterprise MidoNet Overview
Midokura
 

What's hot (14)

PDF
Cisco connect winnipeg 2018 accelerating incident response in organizations...
Cisco Canada
 
PPTX
6° Sessione VMware NSX: la piattaforma di virtualizzazione della rete per il ...
Jürgen Ambrosi
 
PDF
Hope, fear, and the data center time machine
Cisco Canada
 
PPTX
Cisco connect winnipeg 2018 we make it simple
Cisco Canada
 
PPTX
MidoNet Differentiation and Overview
Midokura
 
PDF
QIoT 您專屬的私有雲平台 - 新知講堂 - 20170421
Anderson Cheng
 
PPTX
Virtualized Firewall: Is it the panacea to secure distributed enterprises?
Zscaler
 
PPTX
Microservices on the Edge
LaunchAny
 
PPTX
AFCEA Energy 2013 IT Symposium - Howerton Keynote
Travis Howerton
 
PDF
HaltDos DDoS Protection Solution
Haltdos
 
PDF
What does a cloud-enabled data centre look like?
NEXTDC
 
PPTX
Secure access to applications on Microsoft Azure
Zscaler
 
PDF
Security Onion: peeling back the layers of your network in minutes
bsidesaugusta
 
PDF
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco Canada
 
Cisco connect winnipeg 2018 accelerating incident response in organizations...
Cisco Canada
 
6° Sessione VMware NSX: la piattaforma di virtualizzazione della rete per il ...
Jürgen Ambrosi
 
Hope, fear, and the data center time machine
Cisco Canada
 
Cisco connect winnipeg 2018 we make it simple
Cisco Canada
 
MidoNet Differentiation and Overview
Midokura
 
QIoT 您專屬的私有雲平台 - 新知講堂 - 20170421
Anderson Cheng
 
Virtualized Firewall: Is it the panacea to secure distributed enterprises?
Zscaler
 
Microservices on the Edge
LaunchAny
 
AFCEA Energy 2013 IT Symposium - Howerton Keynote
Travis Howerton
 
HaltDos DDoS Protection Solution
Haltdos
 
What does a cloud-enabled data centre look like?
NEXTDC
 
Secure access to applications on Microsoft Azure
Zscaler
 
Security Onion: peeling back the layers of your network in minutes
bsidesaugusta
 
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco Canada
 
Ad

Similar to Rds infrastructure is the gateway to network (20)

PDF
5 Ways to Keep Your Remote Desktop Secure
Direct Deals, LLC
 
PDF
[RDS /Remote Desktop Services] Lesson 1 : Security Risks & Best Practices You...
☁ Hicham KADIRI ☁
 
PPTX
oracle.pptx
Minakshee Patil
 
PPT
WinConnections Spring, 2011 - How to Securely Connect Remote Desktop Services...
Concentrated Technology
 
PDF
8. 9590 1-pb
IAESIJEECS
 
PDF
how-to-get-ready-ebook-en
Garrett M. Graston
 
PPTX
Cloud Architect Company in India
Regumsoft Technologies
 
PPTX
cloud computing by satwik
satwik gangavarapu
 
PDF
How Can Windows Server 2022 Remote Desktop Benefit Your Company?
Direct Deals, LLC
 
PDF
Cloud Architect Company in India
Regumsoft Technologies
 
PPTX
edgecomputing-201203071131.pptx
WalidMG1
 
PDF
IRJET- Detection of Distributed Denial-of-Service (DDos) Attack on Software D...
IRJET Journal
 
PDF
Evolving the WAN for the Cloud, using SD-WAN & NFV
Digital Transformation EXPO Event Series
 
PDF
Software defined networking
Netmagic Solutions Pvt. Ltd.
 
PPTX
Cloud computing
Zameerhussainzardari
 
PPTX
Cloud Innovation and Virtualization.pptx
csedsc
 
PDF
Unit 1.2 move to cloud computing
eShikshak
 
PPTX
Introduction to Cloud Computing CA03.pptx
abcxyz1337
 
PDF
AWS Security Challenges
STO STRATEGY
 
PPT
Cloud Computing
Sandeep Singh
 
5 Ways to Keep Your Remote Desktop Secure
Direct Deals, LLC
 
[RDS /Remote Desktop Services] Lesson 1 : Security Risks & Best Practices You...
☁ Hicham KADIRI ☁
 
oracle.pptx
Minakshee Patil
 
WinConnections Spring, 2011 - How to Securely Connect Remote Desktop Services...
Concentrated Technology
 
8. 9590 1-pb
IAESIJEECS
 
how-to-get-ready-ebook-en
Garrett M. Graston
 
Cloud Architect Company in India
Regumsoft Technologies
 
cloud computing by satwik
satwik gangavarapu
 
How Can Windows Server 2022 Remote Desktop Benefit Your Company?
Direct Deals, LLC
 
Cloud Architect Company in India
Regumsoft Technologies
 
edgecomputing-201203071131.pptx
WalidMG1
 
IRJET- Detection of Distributed Denial-of-Service (DDos) Attack on Software D...
IRJET Journal
 
Evolving the WAN for the Cloud, using SD-WAN & NFV
Digital Transformation EXPO Event Series
 
Software defined networking
Netmagic Solutions Pvt. Ltd.
 
Cloud computing
Zameerhussainzardari
 
Cloud Innovation and Virtualization.pptx
csedsc
 
Unit 1.2 move to cloud computing
eShikshak
 
Introduction to Cloud Computing CA03.pptx
abcxyz1337
 
AWS Security Challenges
STO STRATEGY
 
Cloud Computing
Sandeep Singh
 
Ad

Recently uploaded (20)

PPTX
mahatma gandhi bus terminal in india Case Study.pptx
rubaiyaakhterinbox
 
PDF
UNIT 1 Introduction fnfbbfhfhfbdhdbdto Java.pptx.pdf
yash131101123110
 
PPT
unit 1 ppt.ppthhhhhhhhhhhhhhhhhhhhhhhhhh
JanakiRaman206018
 
PPTX
Wisp Textiles: Where Comfort Meets Everyday Style
sportsenerlix
 
PDF
Integrated-2D-and-3D-Animation-Bridging-Dimensions-for-Impactful-Storytelling...
nikitasaraf21isbms
 
PDF
The Advantages of Working With a Design-Build Studio
Douglah Designs
 
PPTX
AC-Unit1.pptx CRYPTOGRAPHIC NNNNFOR ALL
prabujayant2022
 
PDF
Urban Design Final Project-Context
nicolebrog1
 
PPTX
AD Bungalow Case studies Sem 2.pptxvwewev
15MistryMitanshu
 
PPTX
Fundamental Principles of Visual Graphic Design.pptx
KevinCaratiquit2
 
PDF
Benefits_of_Cast_Aluminium_Doors_Presentation.pdf
Royal Matrixs
 
PPTX
Implications Existing phase plan and its feasibility.pptx
SamuelJohnson540488
 
DOCX
actividad 20% informatica microsoft project
fernandeznibesky
 
PDF
Emailing DDDX-MBCaEiB.pdf DDD_Europe_2022_Intro_to_Context_Mapping_pdf-165590...
PrathikT1
 
PDF
Facade & Landscape Lighting Techniques and Trends.pptx.pdf
Mina Anis
 
PDF
Key Trends in Website Development 2025 | B3AITS - Bow & 3 Arrows IT Solutions
B3AITS - Bow & 3 Arrows IT Solutions
 
DOCX
The story of the first moon landing.docx
Geani7
 
PPTX
Tenders & Contracts Works _ Services Afzal.pptx
navilasatheesh
 
PPT
pump pump is a mechanism that is used to transfer a liquid from one place to ...
gunjankolhezn
 
PPTX
YV PROFILE PROJECTS PROFILE PRES. DESIGN
ShaluPriya26
 
mahatma gandhi bus terminal in india Case Study.pptx
rubaiyaakhterinbox
 
UNIT 1 Introduction fnfbbfhfhfbdhdbdto Java.pptx.pdf
yash131101123110
 
unit 1 ppt.ppthhhhhhhhhhhhhhhhhhhhhhhhhh
JanakiRaman206018
 
Wisp Textiles: Where Comfort Meets Everyday Style
sportsenerlix
 
Integrated-2D-and-3D-Animation-Bridging-Dimensions-for-Impactful-Storytelling...
nikitasaraf21isbms
 
The Advantages of Working With a Design-Build Studio
Douglah Designs
 
AC-Unit1.pptx CRYPTOGRAPHIC NNNNFOR ALL
prabujayant2022
 
Urban Design Final Project-Context
nicolebrog1
 
AD Bungalow Case studies Sem 2.pptxvwewev
15MistryMitanshu
 
Fundamental Principles of Visual Graphic Design.pptx
KevinCaratiquit2
 
Benefits_of_Cast_Aluminium_Doors_Presentation.pdf
Royal Matrixs
 
Implications Existing phase plan and its feasibility.pptx
SamuelJohnson540488
 
actividad 20% informatica microsoft project
fernandeznibesky
 
Emailing DDDX-MBCaEiB.pdf DDD_Europe_2022_Intro_to_Context_Mapping_pdf-165590...
PrathikT1
 
Facade & Landscape Lighting Techniques and Trends.pptx.pdf
Mina Anis
 
Key Trends in Website Development 2025 | B3AITS - Bow & 3 Arrows IT Solutions
B3AITS - Bow & 3 Arrows IT Solutions
 
The story of the first moon landing.docx
Geani7
 
Tenders & Contracts Works _ Services Afzal.pptx
navilasatheesh
 
pump pump is a mechanism that is used to transfer a liquid from one place to ...
gunjankolhezn
 
YV PROFILE PROJECTS PROFILE PRES. DESIGN
ShaluPriya26
 

Rds infrastructure is the gateway to network

  • 1. RDS infrastructure is the Gateway to network-Take it seriously. Suman B. Singh RDS (Remote Desktop Service) solutions is the most neglected bit in infrastructure design BUT it will be one of the sensitive component in upcomingcloud trend. "We just need RDS servers to install and run some business applications and must be accessible over internet to provide mobility."This is the very common practice that we come across.While world is adopting cloud then obviously no need to visit physical data centers to perform day to day activities so accessing servers remotelyis the onlyway to manage infrastructure. It becomes very important to developsecure RDSenvironment to access anycloud infrastructure because this is the gateway to complete infrastructure. Installing and configuring RDS role will allow user to access servers remotely but same time it opens backdoor to break into cloud infrastructure. Well-known ports like 3389 and easily traceable and one can use brute force to gain access to network. A secure RDS solution must be implemented to access servers remotelyto make sure networkis protected. Below mentioned steps can be taken as standard practice that can be used to protect infrastructure. 1. Use multitier infrastructureapproach,Enable NACL 2. Don’t use default RDP. Use random ports to provide access 3. Configure RDS Gateway and Azure application proxy to protect RDS Session Host servers’ identities 4. Use SSL 5. Implement multi-layerofsecurity (MFA/Firewalls/UDR) 6. Disable default users 7. Use App-Locker Results were surprisingwhen all cloud servers were monitored usingOMS suit.
  • 2. Figure 1: OMS in action. Showing fake accounts attempted to access the network. Figure 2: Unauthorized Logon Attempts using 3389
  • 3. Figure 3: IPs generating attacks Figure 4: Top Targeted Accounts