I'm exploring options for securing RDP authentication and encryption. I think using a public Certificate Authority (CA) might be the simplest route, rather than setting up a complex on-premises solution, especially since we're only dealing with RDP for now. Is this the best approach for what we're aiming to do? Eventually, we plan to have a Remote Monitoring and Management (RMM) agent with remote tools, but that's not going to happen for another year. Does this sound like the right way to go?
2 Answers
You shouldn't aim to simplify RDP authentication; rather, focus on improving it. For Server 2022 and hybrid joined servers, you can use Entra for better security. If you're looking for a solid standard, Duo is highly recommended. Just keep in mind that RMM Remote Desktop options can be hit or miss.
I use a public certificate from Let's Encrypt, and I deploy it through Group Policy Object (GPO). It's an easy and effective way to secure RDP without too much hassle.
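One way to check, on a given host, that a certificate deployed this way is actually the one the RDP listener serves and that TLS and NLA are enforced. This is an added example, not code from either answer; the listener name `RDP-Tcp` and the 30-day warning window are assumptions.

```powershell
# Added example (not from the thread): audit the local RDP listener's TLS setup.
# Assumptions: default listener name 'RDP-Tcp'; 30-day expiry warning window.
$WarnDays = 30
$ts = Get-CimInstance -Namespace 'root\cimv2\TerminalServices' `
          -ClassName Win32_TSGeneralSetting -Filter "TerminalName='RDP-Tcp'"
$findings = [System.Collections.Generic.List[string]]::new()

# SecurityLayer: 0 = native RDP security, 1 = negotiate, 2 = SSL/TLS required
if ($ts.SecurityLayer -ne 2) {
    $findings.Add("SecurityLayer is $($ts.SecurityLayer); TLS is not enforced")
}
# UserAuthenticationRequired: 1 = Network Level Authentication required
if ($ts.UserAuthenticationRequired -ne 1) {
    $findings.Add('Network Level Authentication is not required')
}

# The listener reports the thumbprint it serves. A deployed certificate lives
# in LocalMachine\My; the auto-generated one lives in the 'Remote Desktop' store.
$thumb = $ts.SSLCertificateSHA1Hash
$stores = 'Cert:\LocalMachine\My', 'Cert:\LocalMachine\Remote Desktop'
$cert = Get-ChildItem -Path $stores -ErrorAction SilentlyContinue |
            Where-Object Thumbprint -eq $thumb | Select-Object -First 1

if (-not $cert) {
    $findings.Add("Bound certificate $thumb not found in the machine stores")
} else {
    if ($cert.Subject -eq $cert.Issuer) {
        $findings.Add('Listener is serving a self-signed certificate')
    }
    if (-not $cert.HasPrivateKey) { $findings.Add('Certificate has no private key') }
    if ($cert.NotAfter -lt (Get-Date).AddDays($WarnDays)) {
        $findings.Add("Certificate expires $($cert.NotAfter.ToString('u'))")
    }
    # 1.3.6.1.5.5.7.3.1 is the Server Authentication EKU OID
    if ($cert.EnhancedKeyUsageList.ObjectId -notcontains '1.3.6.1.5.5.7.3.1') {
        $findings.Add('Certificate does not list the Server Authentication EKU')
    }
    # Build the chain against this machine's trust store
    if (-not $cert.Verify()) { $findings.Add('Certificate chain does not validate') }
}

if ($findings.Count) {
    $findings | ForEach-Object { Write-Warning $_ }
} else {
    Write-Output "RDP listener OK: $($cert.Subject), expires $($cert.NotAfter.ToString('u'))"
}
```

Run it elevated on the RDP host; a listener that still reports a self-signed certificate after the GPO applies means the deployed certificate was installed but never bound.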

Yeah, we might be able to use ThreatLocker for connections to specific endpoints. This is all tied to some recent penetration tests we've done, so that path could actually work.