Enterprise Mobility and Security Blog

RSS

Hi,

Nadim here again. Today we’re wrapping up our Top 10 list of RDP Misconceptions. So without further ado…

1) Myth: RDP is insecure; there is no encryption

To be clear, this is totally false! RDP has always supported strong encryption and is by default encrypted!

What has changed over the releases is the type of encryption we offer. The very first versions of RDP back in the Windows 2000 era had encryption that was based on SSL.

As early as Windows 2003 SP1 RDP we decided to introduce full-blown standards-based encryption (i.e. the same SSL as your browser uses to connect to your bank). SP1 did this by introducing standard SSL-encryption as an option.

Current versions of RDP have even stronger encryption and server authentication options out of the box. This is because they are built on top of a security mechanism in Windows called CredSSP which uses Kerberos or TLS (aka SSL) for authentication – when you use those settings RDP is using the same or stronger encryption that your browser uses when communicating with your bank.

2) Myth: RDP performance hasn’t changed much over the releases

False! We’re constantly working to improve RDP performance as well as adding a lot of great functionality to RDP in terms of features.

Every release since Windows 2000 has seen improved perf, i.e. there is a real benefit to upgrading to the latest client and server (e.g. RDP 6.1).

Here’s just one example of the bandwidth difference for a common scenario across several releases of RDP. We essentially have in these scenarios gains of between 8% to 45% bandwidth improvement from switching to the latest protocol. See the RDP Performance Whitepaper for more details on this data.

clip_image002

Going forward – We’re hard at work to continue that trend and bring even better innovations and improved remote experiences – see Asael’s post on some of the future upcoming improvements.

3) Myth: RDP is only used in Remote Desktop Services (formerly TS)

RDP is actually used under the hood in pretty much every Microsoft product that benefits from desktop or application remoting.

Just some examples of products or features you may not have known were built on top of RDP for their remoting needs:

· Remote Assistance

· Windows Media Center Extenders use RDP internally (including Xbox360)

· Windows Live Mesh

· Hyper-V Virtual Machine console

· Office Communications Server 2007 R2

· System Center Configuration Manager (SCCM)

If you’re interesting in seeing how RDP might be able to fit within your application, see the next point…

4) Myth: I can’t customize or program extensions to RDP

There are actually several useful ways to extend/or customize RDP:

· Programming the RDP Client: Host the RDP ActiveX control in your web page or application.

The Remote Desktop client in Windows is a great example of an application that hosts the RDP ActiveX control. This control is fully documented in MSDN. It’s possible for 3rd party software developers to host this control in an app or a web page to provide desktop remoting as part of your larger app.

· Programming the RDP Server side: Use the Windows Desktop Sharing API

This blog post by Seenu has a lot of good detail and examples on how you can use our Windows Desktop Sharing API to write custom collaboration or desktop sharing applications, these APIs are all built on the same core RDP protocol that powers Windows Remote Desktop.

· Write a dynamic virtual channel extension to RDP

Probably the most powerful way to extend RDP is to actually write a virtual channel plug-in extension to RDP. This allows you to extend the protocol with your own bi-directional channel that can communicate from client to server. The possibilities are limitless but some examples include supporting new devices over RDP. We have a nice blog post with an overview of the dynamic virtual channel API or the docs are in MSDN.

5) Myth: The RDP protocol is not publicly documented

If you’re curious to learn more about very low-level technical details of RDP, we have thousands of pages of detailed specifications up on MSDN. For example, you can see the documents for the core protocol sequence and basic graphics here.

I hope this list was useful, if you’ve got any questions or want to provide us with feedback or suggestions for what you’d like to see in RDP we’d love to hear it!

Thank you!