Increase encryption level RDP

Yvonne Müller 20 Reputation points
2023-04-13T13:20:49.0766667+00:00

Management requires that RDP be used company-wide with TLS 1.2 or if encrypted with TLS 1.3 supported by the client. It's Windows 10 and some Windows 11 clients in use. There is a domain with multiple Windows Server 2016 and Windows Server 2022 VMs.

How can I implement the default with group policies? And how can I Check encryption strength? Does somebody has any idea?

Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
4,832 questions
Remote Desktop
Remote Desktop
A Microsoft app that connects remotely to computers and to virtual apps and desktops.
4,283 questions
0 comments No comments
{count} votes

Accepted answer
  1. JJAComm 106 Reputation points
    2023-04-14T03:21:02.95+00:00

    Looks like it is a bit hard to visibly confirm at present. You can configure in group policy or on the collection as below and it will use TLS 1.2 it just looks like it will use 1.0. You could use IISCRYPTO to lock the servers to TLS 1.2 or better which would give you peace of mind. https://learn.microsoft.com/en-us/troubleshoot/windows-server/remote/incorrect-tls-use-rdp-with-ssl-encryption


0 additional answers

Sort by: Most helpful