0

I'm dealing with a hypothetical infrastructure for enabling workers to use RDP for remote access to their work PCs. These would be virtualized Win7 machines within a VMWare vSphere environment. Workers would have to use a VPN client installed on their PCs/notebooks at home to connect to a VPN gateway and traffic is then routed through a firewall to the LAN where the vSphere environment is situated.

What are the most common security threats that have to be considered when doing a security analysis and/or risk analysis?

EDIT:

I just found this question which answers mine as well partly, but I would also like to know more about threats concerning RDP when used to connect virtual machines.

Tom K.
  • 7,913
  • 3
  • 30
  • 53
  • I think the VPN -> Firewall -> LAN is a good approach to using an RDP session on a local network. Now, if you were exposing machines (VM's) with open RDP sessions, even with obfuscated port numbers (Not 3389), then I would say there is an issue. In this case, you may want to monitor the traffic more closely and subject to how you are implementing your VPN (i.e. PFsense, etc) it should be fairly simple to do. – Joshua Faust Jun 23 '17 at 12:39
  • I don't think, that this is a duplicate. I'm asking about threats that have to considered when doing a risk analysis. IMO that is not what the other question was about. It might be too complex for the SE-style of question though. – Tom K. Jun 26 '17 at 09:34

1 Answers1

0

Answering your edit part:

As the machine is a virtual machine it makes no difference (assuming the VM host is correctly patched and managed). The link in which you found covers the main answers to your question.

ISMSDEV
  • 3,272
  • 12
  • 22