Is there a way of using the firewall to protect RDP connections?
I have some customers that do not want to give up the way their current RDP remote access works. They don’t want a VPN. These customers are using Windows 7, 8.1 or 10 (no Windows Server).
For these customers I have enabled Windows account lockouts, strong passwords and other recommended Windows security settings, changed the port and installed software that automatically puts a block on any IPs that fail RDP login multiple times.
These methods are reactive; I’m looking for a more proactive solution.
Is there any way to authenticate the users at the firewall first?
Is there any way to put in a rule where a port scan or an attempt to connect to port 3389 automatically bans that IP address for a period of time?