Terminal Server Protection in the Cloud

Easily secure user Internet access on Windows Terminal Servers using iboss cloud with per-user and per-group based policies and reporting

Traditionally, Windows Terminal Servers have been secured by proxying user data to on-prem web gateway appliances. If user-based policies and reporting were required, NTLM or Kerberos was the standard choice to accomplish that requirement. Unfortunately, NTLM and Kerberos are not cloud based technologies and are restricted to local network use. This causes friction when transitioning to the cloud as the need to secure users on Windows terminal servers on a per-user basis is still required. The iboss Cloud Platform easily secures users on Windows Terminal Servers in the cloud without complexity and can be configured in seconds.

Secure user Internet access on Windows Terminal Servers in the cloud

The iboss cloud provides an easy to install agent that automatically protects user Internet access for any user accessing the Windows terminal server. The iboss cloud for Windows agent is provided in MSI format and can be pushed to the Terminal Server using Active Directory Group Policy. The iboss cloud terminal server agent is completely transparent to the user and connects users to iboss cloud automatically. In addition, the agent handles the installation of the required MITM SSL decryption certificate for users on the terminal server so that selective SSL decryption can also be achieved in the cloud.

Unique user and group based policies for users accessing the Windows Terminal Server

The iboss cloud for Windows Terminal Server agent automatically associates each user session to a unique policy. This allows each user on the terminal server to have a dynamically associated policy for security and web filtering. This association is automatic and although all users may be sharing the same terminal server, the agent automatically maps the user’s group from Active Directory to the iboss cloud policy group for appropriate protection.

Reporting with username association for Windows terminal sessions

The iboss cloud will also generate reporting log events and drill down reports with data correlated to specific users of the Terminal Server. This allows for granular reporting and the ability to generate user-based reports. The iboss cloud can stream these user-based logs to external SIEMs, Security Operation Centers and Managed Security Service Providers directly from the cloud.

Take the next step in shifting to the world’s largest security platform built for the future.

Sign up for a demo to see how the iboss Zero Trust SSE prevents breaches by making applications, data and services inaccessible to attackers while allowing trusted users to securely and directly connect to protected resources from anywhere.