Secure Rdp Windows 10

 



-->

Applies to: Windows 10, Windows 8.1, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2

Secure

Secure Rdp Windows 10 64-bit

  • Use Remote Desktop on your Windows, Android, or iOS device to connect to a Windows 10 PC from afar. Set up the PC you want to connect to so it allows remote connections: Make sure you have Windows 10 Pro. To check, go to Start Settings System About and look for Edition.
  • Run gpedit.msc Local Computer Policy Administrative Templates Windows Components Remote Desktop Services Remote Desktop Session Host Security. 'Set client connection encryption level' - Enabled and High Level, for your sessions to be secured with 128-bit encryption.

After 11 months of using the “Remote Desktop Connection” feature, a recent security update left this feature blocked with a prompt to upgrade to Windows Pro for a cool $99. I went to the Microsoft App Store, downloaded “Microsoft Remote Desktop” (orange. VNC Connect is the best remote desktop software for Windows 10 that provides encrypted remote access via cloud services and cutting-Edge technologies included in this software to provide the most reliable and effective desktop sharing services for everyone with an on-premise solution. Secure Remote Desktop with Remote Credential Guard in Windows 10 Rename this value to DisableRestrictedAdmin and then double click on this value to open up the edit value menu. Make sure that value data is set to 0, restart your system after that for the changes to appear.

You can use Remote Desktop to connect to and control your PC from a remote device by using a Microsoft Remote Desktop client (available for Windows, iOS, macOS and Android). When you allow remote connections to your PC, you can use another device to connect to your PC and have access to all of your apps, files, and network resources as if you were sitting at your desk.

Note

You can use Remote Desktop to connect to Windows 10 Pro and Enterprise, Windows 8.1 and 8 Enterprise and Pro, Windows 7 Professional, Enterprise, and Ultimate, and Windows Server versions newer than Windows Server 2008. You can't connect to computers running a Home edition (like Windows 10 Home).

To connect to a remote PC, that computer must be turned on, it must have a network connection, Remote Desktop must be enabled, you must have network access to the remote computer (this could be through the Internet), and you must have permission to connect. For permission to connect, you must be on the list of users. Before you start a connection, it's a good idea to look up the name of the computer you're connecting to and to make sure Remote Desktop connections are allowed through its firewall.

How to enable Remote Desktop

The simplest way to allow access to your PC from a remote device is using the Remote Desktop options under Settings. Since this functionality was added in the Windows 10 Fall Creators update (1709), a separate downloadable app is also available that provides similar functionality for earlier versions of Windows. You can also use the legacy way of enabling Remote Desktop, however this method provides less functionality and validation.

Windows 10 Fall Creator Update (1709) or later

You can configure your PC for remote access with a few easy steps.

  1. On the device you want to connect to, select Start and then click the Settings icon on the left.
  2. Select the System group followed by the Remote Desktop item.
  3. Use the slider to enable Remote Desktop.
  4. It is also recommended to keep the PC awake and discoverable to facilitate connections. Click Show settings to enable.
  5. As needed, add users who can connect remotely by clicking Select users that can remotely access this PC.
    1. Members of the Administrators group automatically have access.
  6. Make note of the name of this PC under How to connect to this PC. You'll need this to configure the clients.

Windows 7 and early version of Windows 10

To configure your PC for remote access, download and run the Microsoft Remote Desktop Assistant. This assistant updates your system settings to enable remote access, ensures your computer is awake for connections, and checks that your firewall allows Remote Desktop connections.

All versions of Windows (Legacy method)

To enable Remote Desktop using the legacy system properties, follow the instructions to Connect to another computer using Remote Desktop Connection.

Should I enable Remote Desktop?

Secure Rdp Windows 10 Pro

If you only want to access your PC when you are physically using it, you don't need to enable Remote Desktop. Enabling Remote Desktop opens a port on your PC that is visible to your local network. You should only enable Remote Desktop in trusted networks, such as your home. You also don't want to enable Remote Desktop on any PC where access is tightly controlled.

Be aware that when you enable access to Remote Desktop, you are granting anyone in the Administrators group, as well as any additional users you select, the ability to remotely access their accounts on the computer.

You should ensure that every account that has access to your PC is configured with a strong password.

Why allow connections only with Network Level Authentication?

If you want to restrict who can access your PC, choose to allow access only with Network Level Authentication (NLA). When you enable this option, users have to authenticate themselves to the network before they can connect to your PC. Allowing connections only from computers running Remote Desktop with NLA is a more secure authentication method that can help protect your computer from malicious users and software. To learn more about NLA and Remote Desktop, check out Configure NLA for RDS Connections.

If you're remotely connecting to a PC on your home network from outside of that network, don't select this option.

Introduction

One of the most ubiquitous forms of technology in the business world today is remote access technology. Just like other areas of IT, security for remote access technology is essential to keep attackers at bay and to protect sensitive information and organization network resources. Thankfully, the founding engineers of remote access wove security into this technology as a matter of course.

This article will provide a high-level look at remote access security in Windows 10 environments. We will specifically address how to configure VPN in Windows 10, using secure protocols in Windows 10 and how to use Microsoft DirectAccess.

What is remote access?

Remote access refers to the ability to remotely access a computer or network through a network connection remotely. A quick Google search will show you that there are countless proprietary solutions for remote access, but you should know that Windows 10 offers some in-built remote access solutions that are worth knowing about.

Windows 10 features three remote access solutions: Virtual Private Network (VPN), Remote Desktop Protocol (RDP) and Microsoft DirectAccess.

How to configure VPN

VPNs are near essential in many organizations. They allow users to connect to a private network from outside of the network. VPNs are used for different reasons, including allowing employees to connect to their organizations network from home and hiding internet activity, just to name a few. One of the best things about a VPN is they can turn an insecure connection into a secure one.

Rumors have circulated for years about VPNs being hard to use — this is false. Premier VPN services make using their service easy, often with just one click (including configuration). Those who want to DIY with a VPN they get from either work, school or a friend will have to manually configure their VPN. This process is actually not that difficult and just takes a minute or two.

Before you configure your VPN, you will need to determine the protocol to use for your connection. Always use the most secure protocol — if you are performing a VPN configuration on behalf of an organization, check with your organization’s IT administrator regarding which protocol to use.

Using secure protocols in Windows 10

Regarding remote access in Windows 10, the secure protocol we want to discuss is Remote Desktop Protocol, or RDP. RDP allows for remote display and input capabilities for network-connected Windows applications running on a server.

RDP in Windows 10 uses the RC4 cipher, which is a stream cipher that efficiently encrypts small amounts of information. This encryption can be performed by using either a 56- or 128-bit key.

Besides the inherent encryption feature offered by RDP, Windows 10 users can configure Network Level Authentication. This will force Windows users to authenticate when using RDP to remotely access a computer.

The most crucial action to take to use RDP is to enable it in Windows 10. Don’t forget to check the box next to “Require computers to use Network Level Authentication to connect” for extra security.

Rdp Client Windows 10

How to use Microsoft DirectAccess

Microsoft DirectAccess is an interesting approach to remote access that stands apart from VPN, RDP, and other remote access technologies. DirectAccess uses authenticated, auto-initiated and encrypted ESP tunnels when connecting users to network resources. This technology is noted for several solid benefits including being always on and being transparent, bi-directional and (last but not least) secure.

These benefits are really just symptoms of the end goal of DirectAccess — to provide seamless intranet connectivity to network users. Windows 10 users will find that once DirectAccess is properly set up and configured, their internet connection is automatically secured with DirectAccess. So unless DirectAccess is configured to run upon the opening of an application, DirectAccess will connect automatically as long as the system is connected to the internet.

It should be noted that Microsoft is moving toward the Always-On VPN approach, with rumors circulating about an approaching end of life (EOL) announcement of DirectAccess. As of 2019, DirectAccess is still being supported by Microsoft.

Conclusion

Remote access is an incredibly useful feature of today’s computers that people 50 years ago would have considered fantastical. However, remote access is a viable technology that has security susceptible to compromise, risk and worse. Windows 10 offers different remote access methods for its users, but whichever way you choose, security will be attached to its belt loop.

Sources

Rdp Security Update Windows 10

  1. Securing Remote Desktop (RDP) for System Administrators, Berkeley Information Security Office
  2. Remote Desktop Protocol, Microsoft
  3. How to enable Remote Desktop on Windows 10, Pureinfotech
  4. Top 5 Reasons To Deploy Windows 10 With DirectAccess, Celestix