Remote Desktop Protocol (RDP) attacks can be extremely dangerous, whether from an enterprise or a single user point of view. They are basically back-doors which allow external users to access and use a system over the Internet. Today’s trend where attackers are performing brute force attacks against users passwords over the Remote Desktop Protocol (RDP).
What to do
On the Seqrite UTM, there are two methods to avoid RDP brute force attacks:
1. Use a remote access VPN
2. White-list IP Addresses used to connect to RDP.
This method allows administrators to limit RDP connections only to authenticated users connecting with a VPN, Please check Link http://esupport.seqrite.com/support/solutions/articles/23000014743-how-to-create-remote-access-ssl-vpn-for-windows-system- to configure SSL remote VPN
Note: Static WAN IP required at Seqrite UTM end
White-list IP addresses in Port forwarding rules
This method is valid if customers do not want to use a VPN or who have a smaller environment with only a few users who need to connect via RDP.
Note: Static WAN IP required at both end (Seqrite UTM side as well as remote network side - who will be access RDP over the Internet)
Create a port forwarding rule named “RDP” to access RDP service (TCP Port:- 3389) of the local server.
Navigate to Firewall > Forwarding Rules
For security purposes, you can use a custom external port.
Please contact Seqrite Technical Support for more assistance.