It’s been known that Microsoft’s Remote Desktop has had its fair share of security bugs and weaknesses (like other 2FA systems), which is why you need to take certain precautions when using RD Gateway two-factor authentication.
With the rise in remote work since the CoronaVirus, more companies are choosing to have their employees work from home to follow safety guidelines. Remote workers still need to do their jobs to the best of their ability and sometimes that means connecting to a server within the company software. For this reason, many companies rely on Microsoft’s Remote Desktop Gateway. This allows employees to access remote machines using their Remote Desktop Connection.
Remote Desktop has been through many obstacles and security issues over the years that allowed cybercriminals to take over a connected PC that’s not properly connected. Hackers are known to use brute force attacks to try to obtain the user credentials of accounts that have remote desktop access.
A brute force attack is a hacking method that uses trial and error to crack passwords, login credentials, and encryption keys. Adding MFA to your Cisco VPN ensures an attacker won’t be able to log in to your corporate VPN network even if one of your users uses a weak (and easily-guessable) password.
For these reasons, organizations need to have security measures in place to protect themselves when using RD Gateway two-factor authentication.
Security for RD Gateway
Remote Desktop Gateway is compatible with cloud base services which is perfect because there are many cloud-based authenticator applications on the market that allow for easy setup and easy access to your server.
The biggest issue users face is authenticating with a two-factor that is time-consuming, frustrating, and more of an inconvenience than a solution. Cloud-based solutions allow users to authenticate with RD Gateway in a short amount of time that doesn’t compromise user efficiency.
When using a third-party authenticator application, there is likely a small authentication process that needs to be followed but it’s not something to worry about as the authentication process is simple and easy to follow.
Here is an example of an authentication flow using an external two-factor authentication application.
- A user attempts access with their Remote Desktop client with username/password
- The username/password is verified against an existing first-factor directory (i.e. Active Directory)
- A RADIUS authentication request is sent to the Cloud-based RADIUS Connector
- An authentication request is made to the authenticator applications Cloud Services
- Secure push notification request sent to the user’s mobile or desktop device
- User response (approval or denial of request) sent to the authenticator applications Cloud Services
- The cloud services RADIUS Connector polls until the user responds or a timeout is reached
- RADIUS Access-Accept sent back to Remote Desktop Gateway
- User is granted access to Remote Desktop
To ensure that this process is quick and easy, as demonstrated above, you’ll want to ensure that your system is updated to the latest version, you have the right documentation to follow along as you set it up, and that you have the authenticator application installed and configured accordingly. RD Gateway two-factor authentication doesn’t need to be difficult and doesn’t need to have a lengthy authentication process. As demonstrated, it only took nine simple steps to authenticate and gain access to our system.
Whenever there is a surge in the popularity of anything, hackers are usually not too far behind. As we continue to work from home, the hackers are right there trying to take advantage of the situation for their own benefit. This is why we need to take preventative measures when protecting the RD Gateway.