InterSpect NGX offers several protections for RDP including:
RDP Enforcement - This protection blocks malformed RDP traffic, preventing exploits attacking RDP servers. This defense is able to analyze RDP TCP streams, allowing for much more effective security than is possible by examining TCP packets one at a time. Strict Protocol Enforcement - The protection enforces that the traffic be composed of a single message per packet. The default RDP handshake is comprised of a single packet per message. If the traffic does not look like this, it can indicate suspicious activity. Session Resolution and Non-Standard Session Resolution - The protection allows you to specify the maximum screen width/height, as well as bits per pixel on the client side display window. This is used for bandwidth control. Remote Desktop connections can potentially take up a lot of bandwidth, because RDP sessions transmit picture, mouse, and keyboard data from the RDP server.
Version Control - This protection enables blocking a version if an exploit specific to the version has been detected. Several reasons account for blocking specific RDP versions:
There are vulnerabilities which are specific to a certain version.
'Block other RDP versions' can block older RDP versions, as well as specially crafted packets which contain a non-legitimate RDP version. Block Non-Windows Clients - This protection blocks clients connecting to an RDP server from a non-standard Remote Desktop client (Linux rdesktop, Tarantella, or any other non-Windows environment). Users can connect to RDP servers using non-Windows clients, which could expose the network to security threats. Block RDP over non-standard ports - This protection enables you to block RDP traffic on TCP ports other than 3389. If your organization runs RDP on a non-default port, ensur | 
Feedback