We are using Server 2012r2 RDS gateway and have the PA configured to with a security policy to allow the untrusted traffic (ssl, rds, http) that is NATed to the internal rds gateway. We are seeing a lot of failed audits in the logs on the terminal server. What is the best way to prevent brute force attacks for logins to Active Directory?
Ideally you would setup a DoS classified profile and set the limits that you feel are required.
Just as a side note though there are plenty of products and open source projects that could be setup to read your failed login attempts and once they pass a set threshold feed into a list that you could use as an EBL on the firewall to build a security policy. Just a thought.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!