It limits the damage that can be done by minimizing the potential for contaminants or pollutants to enter the network.
By stopping in the “gowning room” and passing through the airlock, pollutants are removed, and people are severely limited in what they are allowed to bring into the cleanroom.Īn intermediary when using RDP serves the same purpose. In a cleanroom environment, workers need to be able to enter and exit without contamination. This scenario is very similar to a cleanroom, where potential contagions need to be isolated from each other. Limit the damage that can be done by minimizing the potential for contaminants to enter the network Your goal is to protect the computers in your network from external infiltration and from spreading rogue material laterally to other machines on the network. The same goes for allowing system administrators to have unfettered access to all machines in the network: they may unwittingly compromise a swath of machines or, if privileged credentials fall into the wrong hands, they can be used to navigate through the network and compromise the most critical pieces of infrastructure and data. A rogue program installed on a computer in such an open network can wreak havoc. Allowing information to be passed freely can expose all machines on the network to malware, phishing, fake websites, and pass-the-hash attacks. It can be dangerous to allow any computer on a network to communicate with any other computer without any type of monitoring and oversight. Why do I need an intermediary when using RDP? Why can’t I access any machine directly? Let’s back up a bit and explain why RDP can be risky. This approach capitalizes on the strengths of using a jump host, without a jump host’s downsides. The state of the art when it comes to securing RDP connections is to use an SSH Proxy within a modern PAM solution. Use an SSH Proxy within a modern PAM solution The best method? Implement a PAM solution with the capabilities to directly manage and secure privileged sessions. In other words, jump hosts are the second-best way to secure RDP sessions. Microsoft recommends jump hosts because they are the safest RDP method for customers that do not own a PAM solution. However, jump hosts don’t reflect a modern, efficient architecture. What was once a common way of securing RDP-jump hosts-is still a valid approach some companies prefer. In the case of securing Remote Desktop Protocol (RDP), PAM practices have followed this pattern of evolution.
What might have been considered a state-of-the-art approach ten or even five years ago is no longer defined as a best practice. Security practices are constantly evolving.
0 kommentar(er)
