Terminal Server Protection in the Cloud
Traditionally, Windows Terminal Servers have been secured by proxying user data to on-prem web gateway appliances. If user-based policies and reporting were required, NTLM or Kerberos was the standard choice to accomplish that requirement. Unfortunately, NTLM and Kerberos are not cloud based technologies and are restricted to local network use. This causes friction when transitioning to the cloud as the need to secure users on Windows terminal servers on a per-user basis is still required. The iboss cloud easily secures users on Windows Terminal Servers in the cloud without complexity and can be configured in seconds.
The iboss cloud provides an easy to install agent that automatically protects user Internet access for any user accessing the Windows terminal server. The iboss cloud for Windows agent is provided in MSI format and can be pushed to the Terminal Server using Active Directory Group Policy. The iboss cloud terminal server agent is completely transparent to the user and connects users to iboss cloud automatically. In addition, the agent handles the installation of the required MITM SSL decryption certificate for users on the terminal server so that selective SSL decryption can also be achieved in the cloud.
The iboss cloud for Windows Terminal Server agent automatically associates each user session to a unique policy. This allows each user on the terminal server to have a dynamically associated policy for security and web filtering. This association is automatic and although all users may be sharing the same terminal server, the agent automatically maps the user’s group from Active Directory to the iboss cloud policy group for appropriate protection.