


Security practices are constantly evolving. What might have been considered a state-of-the-art approach ten or even five years ago is no longer defined as a best practice. In the case of securing Remote Desktop Protocol (RDP), PAM practices have followed this pattern of evolution.

What was once a common way of securing RDP, jump hosts, is still a valid approach some companies prefer. However, jump hosts don’t reflect a modern, efficient architecture. Microsoft recommends jump hosts because they are the safest RDP method for customers that do not own a PAM solution. In other words, jump hosts are the second-best way to secure RDP sessions. The best method? Implement a PAM solution with the capabilities to directly manage and secure privileged sessions.

Use an SSH Proxy within a modern PAM solution

The state of the art when it comes to securing RDP connections is to use an SSH Proxy within a modern PAM solution. This approach capitalizes on the strengths of using a jump host, without a jump host’s downsides.

Let’s back up a bit and explain why RDP can be risky. Why can’t I access any machine directly? Why do I need an intermediary when using RDP? It can be dangerous to allow any computer on a network to communicate with any other computer without any type of monitoring and oversight. Allowing information to be passed freely can expose all machines on the network to malware, phishing, fake websites, and pass-the-hash attacks.
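The intermediary model described above (RDP reachable only through a jump host or PAM proxy, never host-to-host) can be enforced on each Windows target with the host firewall. The following is an added example written for this page, not code from the original post or from any PAM vendor: it disables the built-in any-source RDP rules, adds a single allow rule scoped to the intermediary, and then audits for any remaining inbound allow rule that still exposes TCP/3389 to every address. The intermediary address and the rule name are constructed placeholders; run it in an elevated session on the target host, not on the jump host itself.

```powershell
# Added example (not from the original post): lock inbound RDP to the jump host / PAM
# proxy and report any rule that still allows RDP from 'Any'. Requires elevation.
$JumpHostAddress = '10.0.10.5'   # constructed placeholder; substitute your intermediary

function Set-RdpAllowedSource {
    param([Parameter(Mandatory)][string]$RemoteAddress)

    # The built-in "Remote Desktop" rule group allows TCP/UDP 3389 from any address.
    # Disable rather than delete it so the change is reversible.
    Disable-NetFirewallRule -DisplayGroup 'Remote Desktop'

    # Scoped allow rule: inbound TCP/3389 only from the intermediary. With the default
    # inbound policy set to block, no other host on the network can reach RDP here.
    New-NetFirewallRule -DisplayName 'RDP - allow from jump host only' `
        -Direction Inbound -Protocol TCP -LocalPort 3389 `
        -RemoteAddress $RemoteAddress -Action Allow -Profile Domain, Private
}

function Get-OpenRdpRules {
    # Returns enabled inbound allow rules for TCP/3389 whose remote scope is still 'Any',
    # i.e. rules that would let any machine on the network open an RDP session.
    Get-NetFirewallPortFilter -Protocol TCP -LocalPort 3389 |
        Get-NetFirewallRule |
        Where-Object { $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' -and $_.Action -eq 'Allow' } |
        ForEach-Object {
            $addr = $_ | Get-NetFirewallAddressFilter
            if ($addr.RemoteAddress -contains 'Any') {
                [pscustomobject]@{
                    Rule          = $_.DisplayName
                    RemoteAddress = ($addr.RemoteAddress -join ', ')
                }
            }
        }
}

Set-RdpAllowedSource -RemoteAddress $JumpHostAddress

$open = Get-OpenRdpRules
if ($open) {
    Write-Warning 'RDP is still reachable from any address through these rules:'
    $open | Format-Table -AutoSize
} else {
    Write-Output 'Inbound RDP is reachable only from the configured intermediary.'
}
```

The audit function is worth running on its own as a periodic check: a later software install or a GPO change can re-enable the broad built-in rules, silently returning the host to the any-to-any state the text warns about. Note that Windows Firewall evaluates block rules ahead of allow rules, so the scoped allow relies on the default inbound block rather than on an explicit block for 3389, which would also cut off the jump host.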
