angfeglandagan Sat, 08/23/2008 - 09:49
User Badges:

I firgured it out..since rdp uses 3389 port ...

i created a custom policy then add the port 3389 to http connect then set it to block access.

did any try this ?


Doc_ironport Mon, 08/25/2008 - 00:19
User Badges:

By default the S-Series will not allow RDP traffic to be tunnel through it.

RDP uses port 3389, which is not included in the normal "allow" list of ports for CONNECT requests (which is how the client can ask for a tunnel). If you've added port 3389 (or a range including it) then you can block RDP by removing that port. If you haven't added it, then it's already blocked!

Of course, the IronPort will only block people trying to tunnel RDP traffic through it. If you want to block it outright, you'll also need to block it at your firewall if you haven't already.


This Discussion