Our firewall appliance is a Cisco ASA-5510.
I manage many HP thin clients. They come with RDP built in, which is a useful admin tool in certain situations. Unfortunately I can't block certain users on the thin client from using RDP, as the only way to block them from using it is to remove it completely from the thin client.
How can I stop RDP from leaving the inside interface, except for a small group of ip's?
Also, what about RDP connections that are trying to go to non-standard ports (not 3389)?