Remote Desktop Protocol (RDP) is a protocol, or technical standard, for using a desktop computer remotely. Remote desktop software can use several different protocols, including RDP, Independent Computing Architecture (ICA), and Virtual Network Computing (VNC), but RDP is the most widely used protocol. RDP was initially released by Microsoft and is available for most Windows operating systems, but it can also be used with Mac operating systems.
What does “remote desktop” mean?
Remote desktop is the ability to connect to and use a distant desktop computer from a different computer. Remote desktop users can access their desktop, open and edit files, and use applications as if they were actually sitting at their desktop computer. Employees often use remote desktop software to access their work computers when traveling or working from home.
Remote desktop access is very different from cloud computing, although both allow employees to work remotely. In cloud computing, users access files and applications that are stored in the cloud, specifically on cloud servers. In contrast, when using remote desktop software, users actually access their physical desktop computer and can only use files and applications stored locally on that desktop. Cloud computing is sometimes easier to use and more efficient to implement for remote workforces, but many companies have not migrated to the cloud, or are unable to do so for security or regulatory reasons.
How does RDP work?
Think of a drone or a remote-controlled toy car. The user presses buttons and steers the drone or car from afar, and their commands are transmitted to the vehicle. Using RDP is similar: the user’s mouse movements and keystrokes are transmitted to their desktop computer remotely, but over the internet rather than via radio waves. The user’s desktop is displayed on the computer they are connecting from, as if they were sitting in front of it.
The RDP protocol opens a dedicated network channel for sending data back and forth between the connected machines (the remote desktop and the computer in use). It always uses network port 3389 for this purpose. Mouse movements, keystrokes, desktop display, and all other necessary data are sent through this channel via TCP/IP, which is the transport protocol used for most types of Internet traffic. RDP also encrypts all data to make connections over the public Internet more secure.
Because keyboard and mouse activity must be encrypted and transmitted over the Internet, which takes a few milliseconds, and because the desktop screen must be transmitted back to the user, there are often slight delays. For example, if a user double-clicks on an application to open it, the “double-click” may not occur for a few milliseconds, as the user’s action is transmitted to the desktop before it is carried out. Then, when the application opens, there may be another brief delay as the screen is transmitted back to the user.
RDP Features and Functions
RDP is a secure, interoperable protocol that creates secure connections between clients, servers, and virtual machines. RDP works across different Windows operating systems and devices and provides strong physical security through remote data storage.
Among the most notable properties of RDP are the following:
- smart card authentication;
- bandwidth reduction;
- the ability to use multiple screens;
- the ability to temporarily disconnect without logging out;
- RemoteFX virtualized GPU (graphics processing unit) support;
- 128-bit encryption for mouse and keyboard data using RC4 encryption;
- directs audio from a remote desktop to the user’s computer;
- redirects local files to a remote desktop;
- local printers can be used in remote desktop sessions;
- remote desktop session applications can access local ports;
- shares the clipboard between the local and remote computers;
- applications on a remote desktop can run on a local computer;
- supports Transport Layer Security;
- improvements to RemoteApp;
- support for faster connections; and
- support for session shadowing.
RDP can support up to 64,000 independent channels for data transmission. Data can be encrypted with 128-bit keys. The bandwidth reduction feature optimizes data transfer speed on low-speed connections.
What are the pros and cons of using RDP?
RDP has several advantages. One is that it does not require a VPN. It also keeps data stored securely on the user’s desktop, rather than storing it on cloud servers or the user’s unsecured personal devices. In addition, RDP allows companies with legacy on-premises IT configurations to enable their employees to work from home.
However, RDP can cause users to experience delays, especially if their local internet connection is slow. This can frustrate remote employees and reduce their productivity. RDP also has some serious security vulnerabilities that leave it open to cyberattacks.
RDP Security Issues
When running RDP, it is important to follow RDP best practices, such as not using open RDP connections over the internet or giving anyone direct access to an RDP server. Other precautions include using defense in depth, which utilizes multiple layers of security, and the principle of least privilege, which limits user access to only the systems that are absolutely necessary.
The BlueKeep security flaw affected users of older versions of Windows by installing malicious software and making changes to data. First discovered in May 2019, these vulnerabilities affected Windows 7, Windows XP, Windows 2000, Windows Server 2003, and Windows Server 2008. Historically, RDP has been susceptible to hash-passing attacks and computer worms. Although less effective, brute-force attacks have been used to gain access to previous and current versions of RDP.
Microsoft provided security patches for those earlier versions of Windows, and the latest versions of RDP are much more secure. The latest Windows operating systems contain a mechanism to specify which users can access the system through an RDP session. There is also an option to prevent anyone from remotely accessing the system unless they are using network-level authentication.
Conclusion
This is one of the most widely used protocols today for connecting to a Windows server. Is it secure? Yes, but only if all security patches and security methods are applied from where you connect to where you are connecting.
I hope you like this post and find it helpful.
