I am about to push hard against the powers that be and strongly recommend that we shift our many (20+) consultants from direct public access to RDP & SSH to VPN clients (connecting to a VLAN/subnet that has restricted access to only necessary resources).
Given that we have a third-party SOC managing an IDS and monitoring connections, what are the risks of exposing RDP and SSH to the internet that forcing remote access via VPN will solve?