cancel
Showing results for 
Search instead for 
Did you mean: 

Only allow RDP on Port 3389 when Multi Factor is used

Hello,

We are currently blocking port 3389.  However, does anyone know if you can configure a rule to only allow an RDP over 3389 if Multi Factor is used?

I know it is vague, but I am just starting to look into it.

Thanks

4 Replies
Hayton
Level 18
Report Inappropriate Content
Message 2 of 5

Re: Only allow RDP on Port 3389 when Multi Factor is used

The tag says "hips", so this belongs in Business rather than Consumer.

I've moved the question to Business > Endpoint Security > Host Intrusion Prevention  for attention.

Re: Only allow RDP on Port 3389 when Multi Factor is used

Thanks

youngs
Level 10
Report Inappropriate Content
Message 4 of 5

Re: Only allow RDP on Port 3389 when Multi Factor is used

You can do this in many ways... Two ways we handle similar types of rules are below.

1. Connection-Aware grouping so that when connect to a trusted network you would allow RDP.

2. Create a rule based on a executable file and set the (File Description, Fingerprint, Signer). Setting all depends on how restrictive you want to be for your rules.  If you go this way this rule will need to be above your blocking rule for RDP.

Scott

Re: Only allow RDP on Port 3389 when Multi Factor is used

Thank you youngs, I'll give it a shot...