Terminal Service Plus

The best Citrix / RDS Alternative for Remote Desktop and Web Access
https://forum.tsplus.net/

RDS - Knight: Protecting Whitelisted user accounts

https://forum.tsplus.net/viewtopic.php?f=3&t=4335

Page 1 of 1

RDS - Knight: Protecting Whitelisted user accounts

Posted: Thu Mar 29, 2018 7:58 pm
by jimrob
Hi -- I'm piloting the RDS Knight protections, specifically endpoint protection and device control.

With device control, it appears that the admin account is whitelisted, which means that any device can be used to connect and use the admin account. That seems to be a security hole that needs to be plugged.

Are there any additional protections that I can put in place to compensate for this ? For example: Two-Factor authentication would ensure that it really is the Admin connecting, and not a hacker; Or something else ?

Thanks !

Re: RDS - Knight: Protecting Whitelisted user accounts

Posted: Fri Apr 06, 2018 7:32 pm
by adrien
Hello,

You are right, users in the RDS-Knight whitelist are not restricted on their device even when device control is enabled.
Remove the administrator from RDS-Knight whitelist would fix this issue, but might prove risky (blocking your own admin user would not be that good).

Regarding 2FA, we have a 2FA TSplus add-on planned in our end-of-2018 roadmap.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited