Hello!
We have VmwareView 7.3.1 end next connection scheme:
Internet -> Microtik Router OS (just forvarding ports) -> Vmware View Security Server -> Vmware View Connection Server -> Active directory
In AD logs I see a lot of failed attempts to connect under different accounts (admin, Administrator, adm etc). It seems that this is a simple brute force attack. At the same time in the AD logs there is no information about the ip-address of the attacker. Also we use Netwrix Auditor 9.5, but it seems same no ip-address...
How can I implement a protection scheme against such attacks? Something like fail2ban.
Are there ready-made solutions for Vmware View?
Grand tnx for help!