What Is Remote Desktop Protocol (RDP)?
Remote Desktop Protocol Defined
Remote Desktop Protocol (RDP) enables a computer user to access another computer in a different location. RDP is a secure network communications protocol created by Microsoft, allowing remote access to applications and desktops. It offers remote management to network administrators, who can diagnose and resolve issues that users encounter. It is also used to support network topologies and local-area network (LAN) protocols.
Understanding "Remote Desktop"
Remote desktop means being able to connect to and use one computer via another computer. This enables users to access the applications on a device that is in a different location. For example, an employee could use remote desktop to access a work device when they are at home or traveling. Admins can also manage multiple users simultaneously using a Windows Server with Remote Desktop Services, or a Terminal Server, enabled.
Cloud computing enables users to work remotely, but that is where the similarities with RDP end. With cloud computing, users can access applications and files located in the cloud on cloud servers. But RDP enables them to access files on their computer from a separate location. Both tools are useful for remote working but work in very different ways.
RDP is also often compared to virtual network computing (VNC). However, VNC connects to a user’s RDP session but cannot be used to create virtual desktops. VNC connects directly to a computer, whereas RDP connects to a terminal server, making RDP much quicker than VNC.
Properties of RDP
RDP offers secure connections between users’ devices and servers and encrypts virtual desktops. Critical properties of RDP include:
Smart Card Authentication
This enables users to verify their identity through smart cards, which are physical security tokens that include an embedded chip.
RDP often offers reduced bandwidth because most of the user’s screen is not updated, which ensures it does not need to be retransmitted.
Multiple Display Usage
RDP admins can connect to multiple users’ devices and displays. They can also temporarily disconnect without logging off the service.
Virtualized Graphics Processing Unit (GPU) Support
RDP has a set of protocols called RemoteFX, which enables the remote delivery of virtual desktops over LANs. RemoteFX offers a higher-quality user experience because it provides advanced coding and virtualization of graphics.
Audio redirection enables audio from remote desktops to be redirected onto the user’s computer.
File System Redirection
File system redirection enables files stored locally on a device to be sent to and used on remote desktops.
Printer redirection ensures that printers located in local networks can be used during remote desktop sessions.
Port redirection enables applications used through a remote desktop session to access local ports.
How Does the Remote Desktop Protocol (RDP) Work?
RDP transmits the activity a user carries out on one computer, such as mouse movement and keyboard activity, to another computer remotely. The desktop of the device they are accessing remotely is displayed on the device they are using to connect to it.
This works via the RDP creating a network dedicated to sharing data between the two devices. Data is always shared using network port 3389 and is sent through core internet protocols like Transmission Control Protocol/Internet Protocol (TCP/IP) and User Datagram Protocol (UDP). RDP encrypts data to secure connections and user activity.
RDP requires an RDP server, which is typically the user’s Windows computer, and an RDP client, a device with an RDP application that allows an administrator to control and make remote changes to the user’s device. This remote desktop setup only enables admins to make changes to the user’s Windows device, which differentiates it from cloud computing.
Pros and Cons of RDP
There are advantages and disadvantages to using RDP. Below is an overview of the pros and cons.
VPN Not Required
Using RDP means organizations do not have to use virtual private networks (VPNs) to guarantee secure connections from insecure locations or Wi-Fi networks.
Data Stored Securely on the User's Desktop
A significant benefit of RDP is that data is stored securely on users’ desktops, which means they do not have to move it to cloud servers or store it on insecure personal devices, such as Universal Serial Bus (USB) drives.
On-premises IT Set-up
RDP is also useful for enabling all employees to work from home or on the go while travelling. This is particularly helpful for organizations that are restricted to legacy on-premises IT environments and cannot utilize cloud servers.
User May Experience Lag
RDP can result in users experiencing lag, especially if they have a slow internet connection. This is often caused by user activity having to be encrypted and transmitted to their remote desktop then back to them via the internet.
Security Vulnerabilities and Cyberattacks
Is RDP secure? Despite encrypting traffic, organizations still question whether RDP is secure as a result of RDP attacks happening in recent years. That is because it contains security vulnerabilities that cyber criminals have exploited. These include weak user login credentials, as computer passwords are also used to access remote RDP logins, which leave users open to brute-force attacks and credential stuffing.
Another significant risk is that RDP always uses port 3389, which provides cyber criminals an opportunity to exploit a security weakness.
Lower Employee Productivity
The lag that RDP causes may result in lower employee productivity. For example, it can result in an application taking a little longer to load than users might expect.
How Fortinet Can Help?
Fortinet enables organizations to secure their RDP activity through its FortiGate next-generation firewalls (NGFWs). NGFWs filter network traffic to protect businesses against internal and external security threats. They provide features like packet filtering, IP mapping, IP security (IPsec), network monitoring, and secure sockets layer (SSL) VPN support. They also offer more in-depth and more advanced features, such as application control, intrusion prevention, and SSL inspection, which enable organizations to identify and block malware and other forms of cyberattacks.
NGFWs also offer future updates, which ensure businesses are always protected from the latest threats and attack vectors as the threat landscape evolves. Users need to create a new firewall policy that allows RDP traffic to pass through their FortiGate firewall.
Fortinet FortiGuard Labs, the threat intelligence and research labs arm of Fortinet, provides businesses with the latest insight into cyber threats, trends, and vectors being used by cyber criminals. It ensures organizations are armed continuously with the latest threat intelligence alongside industry-leading threat identification and protection, enabling them to better secure their networks, environments, and users.