ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    RDP support for VMs or Console only Access

    Scheduled Pinned Locked Moved IT Discussion
    xenserverrdpwindowssecurityvmware
    6 Posts 2 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • DustinB3403D
      DustinB3403
      last edited by

      So with hypervisors, do you enable RDP access to your virtual servers or do you restrict access to console only access?

      Obviously it's just another service that can be enabled, but is it wise to do so, when you can access your VMs via the console from tools like XenCenter, vCenter and Xen Orchestra?

      1 Reply Last reply Reply Quote 1
      • scottalanmillerS
        scottalanmiller
        last edited by

        The general rule is the opposite, restrict console and focus on remote access. This is why most enterprise cloud platforms (like Azure, Amazon, etc.) don't even allow console access any more. Console access is seen as a crutch in many cases. Once you move to DevOps.... BOTH are considered a crutch.

        1 Reply Last reply Reply Quote 0
        • DustinB3403D
          DustinB3403
          last edited by

          If you have tools in place to remove RDP access though (which opens up a wider surface area), and since such tools like XO expressly provide console access wouldn't management be easier?

          The reason I say this is, people who access to your VM's presumably are allowed to be there, and probably have more security than say a website visitor being hosted from one of those VMs.

          Opening up RDP access (not necessarily from the Internet) but in general just opens more ports, more firewall changes etc.

          scottalanmillerS 3 Replies Last reply Reply Quote 0
          • scottalanmillerS
            scottalanmiller @DustinB3403
            last edited by

            @DustinB3403 said in RDP support for VMs or Console only Access:

            If you have tools in place to remove RDP access though (which opens up a wider surface area), and since such tools like XO expressly provide console access wouldn't management be easier?

            No, working with the console is always considered bad. It's extremely inefficient, lacks copy/paste, lacks normal security measures... it's designed as a fall back only. It's not intended to be used any more than sitting in front of the server is not intended to be used.

            1 Reply Last reply Reply Quote 0
            • scottalanmillerS
              scottalanmiller @DustinB3403
              last edited by

              @DustinB3403 said in RDP support for VMs or Console only Access:

              The reason I say this is, people who access to your VM's presumably are allowed to be there, and probably have more security than say a website visitor being hosted from one of those VMs.

              I don't understand the comparison here. The same would be said about people accessing via RDP.

              1 Reply Last reply Reply Quote 0
              • scottalanmillerS
                scottalanmiller @DustinB3403
                last edited by

                @DustinB3403 said in RDP support for VMs or Console only Access:

                Opening up RDP access (not necessarily from the Internet) but in general just opens more ports, more firewall changes etc.

                Sure, but granting unnecessary access to the console does that, too. You need access to the VMs from far more places than you need it to the console.

                1 Reply Last reply Reply Quote 0
                • 1 / 1
                • First post
                  Last post