RDP (Remote Desktop Protocol)

RDP is a network protocol developed by Microsoft that allows users to remotely access and control a computer over a network connection.

What is RDP?

Remote Desktop Protocol (RDP) is a remote access protocol that enables a user to connect to and interact with a graphical desktop session on another computer. It transmits screen updates, keyboard input, mouse movements, and audio over the network.

RDP is natively supported by Windows operating systems and widely used in enterprise environments.

Why RDP matters

RDP is important because it:

  • Enables remote administration of servers and workstations
  • Supports remote and hybrid work scenarios
  • Reduces the need for physical access to systems
  • Allows centralized IT operations and support
  • Is deeply integrated into Windows infrastructures

It is a core tool for system administrators.

How RDP works (simplified)

A typical RDP session involves:

  1. A client initiates a connection to a remote host
  2. Authentication is performed (credentials, MFA if enabled)
  3. A secure session is established
  4. The remote desktop interface is streamed to the client
  5. User input is sent back to the remote system

RDP operates over TCP (and optionally UDP).

RDP ports and transport

  • Default port: TCP 3389
  • Optional UDP usage for performance improvements
  • Can be tunneled through VPNs or gateways

Exposing port 3389 directly to the internet is strongly discouraged.

RDP and security

From a security standpoint, RDP is a high-value attack target:

  • Frequently targeted by brute-force attacks
  • Often abused after credential theft
  • Used in lateral movement during breaches
  • Exploited when systems are unpatched

Securing RDP is critical in any environment.

Securing RDP access

Best practices include:

  • Enabling Network Level Authentication (NLA)
  • Using MFA for remote access
  • Restricting access via VPN or Remote Desktop Gateway
  • Limiting access by IP and firewall rules
  • Keeping systems fully patched
  • Monitoring logs for failed login attempts

RDP should never be exposed without layered protections.
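
The log-monitoring practice above, sketched as an added example (not part of the original page): it counts failed logons per source address in a sliding window. The records are constructed and shaped like fields of Windows Security event 4625; the function name, threshold and window are assumptions chosen for illustration.

```python
from collections import defaultdict, deque
from datetime import timedelta, datetime

# Logon types on event 4625 that can come from RDP:
# 10 = RemoteInteractive; 3 = Network, which is how failures are
# typically logged when NLA is enabled. Type 3 also covers other network
# logons (e.g. SMB), so apply this to hosts where RDP is the exposed service.
RDP_LOGON_TYPES = {3, 10}
LOCAL_SOURCES = {"", "-", "127.0.0.1", "::1"}

# Constructed sample: (TimeCreated, LogonType, IpAddress, TargetUserName)
SAMPLE_EVENTS = (
    # Six failures in 50 seconds against several account names
    [(f"2024-05-01T10:00:{s:02d}", 3, "203.0.113.7", u)
     for s, u in zip(range(0, 60, 10),
                     ["administrator", "admin", "administrator",
                      "backup", "admin", "svc_sql"])]
    # A user mistyping a password twice
    + [("2024-05-01T10:05:00", 10, "198.51.100.20", "jdoe"),
       ("2024-05-01T10:05:30", 10, "198.51.100.20", "jdoe")]
    # Five failures, but spread three minutes apart
    + [(f"2024-05-01T10:{m:02d}:00", 10, "192.0.2.50", "helpdesk")
       for m in range(0, 15, 3)]
    # Console failures (type 2, no source address) are not RDP
    + [(f"2024-05-01T10:20:{s:02d}", 2, "-", "jdoe") for s in range(5)]
)

def find_bruteforce_sources(events, threshold=5, window=timedelta(minutes=1)):
    """Return {source_ip: sorted account names tried} for every source that
    produced at least `threshold` failed RDP logons within `window`."""
    recent = defaultdict(deque)   # per-source failures still inside the window
    flagged = defaultdict(set)
    for ts, logon_type, ip, user in sorted(events):
        if logon_type not in RDP_LOGON_TYPES or ip in LOCAL_SOURCES:
            continue
        when = datetime.fromisoformat(ts)
        queue = recent[ip]
        queue.append((when, user))
        while when - queue[0][0] > window:   # drop failures older than window
            queue.popleft()
        if len(queue) >= threshold:
            flagged[ip].update(name for _, name in queue)
    return {ip: sorted(names) for ip, names in flagged.items()}

if __name__ == "__main__":
    for ip, names in find_bruteforce_sources(SAMPLE_EVENTS).items():
        print(f"{ip}: {len(names)} accounts tried: {', '.join(names)}")
```

A source that cycles through many account names, as the first one does here, is a stronger signal than repeated failures on a single account.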

RDP in enterprise environments

Organizations commonly use RDP for:

  • Server administration
  • Remote IT support
  • Access to internal applications
  • Virtual desktop infrastructures (VDI)
  • Bastion or jump-host access models

RDP is often combined with gateways and Zero Trust controls.

RDP vs other remote access tools

Aspect               RDP                Third-party tools
Native to Windows    Yes                No
Integration with AD  Strong             Varies
Licensing            Included           Often paid
Security             Depends on config  Tool-specific

RDP's strength lies in its native integration.

Common misconceptions

  • "RDP is insecure by design"
  • "Changing the default port is enough"
  • "RDP should always be open to the internet"
  • "RDP replaces VPNs"