Integration
Multi-factor authentication to Microsoft RDP (Remote Desktop)
Secure login (MFA/2FA) to Remote Desktop Protocol
Passwordless login with the ProID Mobile app
Secure Remote Desktop Administrator Logon
The Microsoft Remote Desktop Protocol (RDP) allows both administrators and users to access computers or servers remotely. RDP is used as a remote access or Remote Desktop Services technology.
It is important to maintain strict security measures for these operations to minimize the risk of unauthorized access to connected devices. Our solution complements the regular RDP login with another factor: secure two-factor authentication using the ProID Mobile method.
ProID and Remote Desktop Protocol integration
- RDP connection in ProID Mobile is handled through the Remote Desktop Gateway (RD Gateway), which is part of Remote Desktop Services (RDS)
- ProID Mobile supports RADIUS authentication using a SW token
- Only the push method is supported as a user authentication method for RD Gateway (RDG)
- Remote Desktop Services supports RADIUS authentication
- Authentication levels:
  - Network Policy Server (NPS) acts as the first factor
  - ProID Mobile as the second factor (RADIUS proxy)
- It is possible to install as a SaaS (cloud service) or on-premise on servers inside the organization
Components
- User identities originating from the customer’s Azure Active Directory (AAD) – AAD ProID trust
- ProID RADIUS Proxy installation (communicates with the RADIUS-Cloud application); an existing Windows Server can be used
- Remote Desktop Services (RD Gateway)
Multi-factor authentication to Microsoft Remote Desktop Services via RADIUS Gateway
How it works:
- The TS Gateway server acts as an intermediary between the client device (external to the domain) and the internal computers in the domain.
- When a user initiates an RDP connection to an internal computer, RDP traffic is encapsulated in an SSL-encrypted tunnel and sent to the TS Gateway server.
- TS Gateway uses Network Policy Server (NPS) to authenticate the user and their permissions to access the requested internal computer.
- After authentication and authorization, the TS Gateway server forwards the RDP traffic to the appropriate internal machine in the domain and allows the RDP session to be established.