Hi Luc,
Not a powercli question but
If yu suggest on below
Microsoft: 1 million machines still vulnerable to Windows security exploit - The Verge
Does use of powershell remoting over RDP
Can make windows machine less vulnerable for such attacks.
Yes, I think you can assume allowing RDP constitutes the same kind of risk as PS Remoting.
In both cases, as an organisation, you need to understand what you are doing.
And more importantly, take sufficient security measures to minimise the risk.
Security, in my opinion, requires a layered approach, protect your boundaries (FW, proxy, DMZ...) and protect what is allowed inside.
Just like for example with JEA, only allow what is necessary, don't open things in general, without knowing why you open them and what the purpose of opening them is,
When in doubt talk/converse with your Security Officer.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
While it should be obvious that you should have the habit of patching your exposed systems asap, there are a number of security measures you can take when setting up PS Remoting.
First, PS Remoting is not enabled by default, it's a choice you make in your organisation to enable it.
One of the most obvious measures to take would be to start using certificates.
See PowerShell Remoting Security Considerations for other measures you can take.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Thnaks Luc .Iam checking this however in brief .
can we say that powershell remoting if enabled as company's choice would reduce risk associated with RDP without out loosing any functionality.??
or comparion of above does not make sense we can use both .??
Yes, I think you can assume allowing RDP constitutes the same kind of risk as PS Remoting.
In both cases, as an organisation, you need to understand what you are doing.
And more importantly, take sufficient security measures to minimise the risk.
Security, in my opinion, requires a layered approach, protect your boundaries (FW, proxy, DMZ...) and protect what is allowed inside.
Just like for example with JEA, only allow what is necessary, don't open things in general, without knowing why you open them and what the purpose of opening them is,
When in doubt talk/converse with your Security Officer.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
thanks Luc.