Sarbanes Oxley - RDP OK?

B

Boe

Hello,

If I use the a firewall and open up just port 3389 from specfic IPs and use
RDP from those IPs to get to a waiting PC, am I OK or am I required to use a
secured VPN client first?
 
S

Sooner Al [MVP]

"Boe" <boe_d@hotmail.com> wrote in message
news:eF7kpBgzHHA.4276@TK2MSFTNGP05.phx.gbl...
> Hello,
>
> If I use the a firewall and open up just port 3389 from specfic IPs and
> use RDP from those IPs to get to a waiting PC, am I OK or am I required to
> use a secured VPN client first?
>

If you use a *STRONG* password in general you should be safe. Is this in a
corporate environment, ie. accessing a Terminal Server, or for home use, ie.
accessing a home PC or PCs?

For home users I recommend running Remote Desktop through a Secure Shell
(SSH) tunnel because...

1. You can use a private/public key pair protected with a password for
strong authentication versus a password only (strong or otherwise).
2. You can access more than one PC behind a router or firewall by only
opening one port versus multiple ports.

Corporate users should consult their network admins about this. More than
likely a VPN will be required to access the corporate network first before
connecting with Remote Desktop.

The bottom line is a VPN or SSH tunnel is NOT required but it is good to
use, IMHO...

--

Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the
mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...
How to ask a question
http://support.microsoft.com/KB/555375
 
S

Sam Hobbs

"Boe" <boe_d@hotmail.com> wrote in message
news:eF7kpBgzHHA.4276@TK2MSFTNGP05.phx.gbl...
> Hello,
>
> If I use the a firewall and open up just port 3389 from specfic IPs and
> use RDP from those IPs to get to a waiting PC, am I OK or am I required to
> use a secured VPN client first?

Required by what?

Your subject has Sarbanes Oxley in it, but it would help to state explicitly
in the question that it is what you are asking about.

I am not a Sarbanes-Oxley expert, but I have read about it. It essentially
says that management is responsible for doing whatever is reasonable to
ensure that nothing improper is done. It is not specific about how to do
that.
 
You must log in or register to reply here.

Similar threads

M
Windows server use credentials from rdp automatically when opening AD, apps with admin rights etc.
Replies
0
Views
32
Maria2101
M
J
Network Printing AWS/RDP clients
Replies
0
Views
13
Joaquin Carter1
J
K
Secure RDS Gateway
Replies
0
Views
46
khaled master
K
S
RDP from Win11 23H2 to Windows 2022 servers returns CredSSP error
Replies
0
Views
19
Standa Zitta
S
H
Issue with Printer Redirection in RDP on Terminal Server 2022: Defaulting to PDF Instead of Redirected Printer
Replies
0
Views
55
Hynek Bosek
H
Back
Top Bottom