VMware Networking Community
HywelB
Enthusiast
Enthusiast

Identity: Guest Introspection on RDS

Hi,

We have a requirement to use identity to allow certain connections. With desktops/laptops we will use the AD Event Log Scraper, but this wouldn't work reliably for multiple RDS sessions, as it is based on IP, and allow other non-privileged user on that server to connect.  Does using guest introspection improve this? As its an agent and can see the user id and the PID's its creating, natstat can then trace this back.

Thanks in advance

Tags (2)
Reply
0 Kudos
2 Replies
Techstarts
Expert
Expert

Identity firewall does not work if the destination is a terminal server or shared desktops where multiple users share an IP Address. Identity firewall maps a user to IP address. In RDS apparently, there is no easy to solve this problem right now.

With Great Regards,
HywelB
Enthusiast
Enthusiast

Checkpoint FW has an agent which does this - maps a user to IP & port - and maybe Palo Alto too.

Reply
0 Kudos