Best way to prevent brute force attacks (LDAP) on public facing Microsoft RDWeb login page

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Best way to prevent brute force attacks (LDAP) on public facing Microsoft RDWeb login page

L1 Bithead

We are using Server 2012r2 RDS gateway and have the PA configured to with a security policy to allow the untrusted traffic (ssl, rds, http)  that is NATed to the internal rds gateway.   We are seeing a lot of failed audits in the logs on the terminal server.  What is the best way to prevent brute force attacks for logins to Active Directory?

1 REPLY 1

Cyber Elite
Cyber Elite

Ideally you would setup a DoS classified profile and set the limits that you feel are required.

Just as a side note though there are plenty of products and open source projects that could be setup to read your failed login attempts and once they pass a set threshold feed into a list that you could use as an EBL on the firewall to build a security policy. Just a thought. 

  • 2410 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!