Best way to prevent brute force attacks (LDAP) on public facing Microsoft RDWeb login page

Reply
Highlighted
L1 Bithead

Best way to prevent brute force attacks (LDAP) on public facing Microsoft RDWeb login page

We are using Server 2012r2 RDS gateway and have the PA configured to with a security policy to allow the untrusted traffic (ssl, rds, http)  that is NATed to the internal rds gateway.   We are seeing a lot of failed audits in the logs on the terminal server.  What is the best way to prevent brute force attacks for logins to Active Directory?

L7 Applicator

Re: Best way to prevent brute force attacks (LDAP) on public facing Microsoft RDWeb login page

Ideally you would setup a DoS classified profile and set the limits that you feel are required.

Just as a side note though there are plenty of products and open source projects that could be setup to read your failed login attempts and once they pass a set threshold feed into a list that you could use as an EBL on the firewall to build a security policy. Just a thought. 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!