PortalRequest proposal
Directory › Connections › RDP

How to Add an RDP Connection in CyberVision

Purpose

Create an RDP connection to access a Windows host through the portal.

Prerequisites

  • Permission to create connections in the Connections module.
  • Target Windows host IP/DNS.
  • RDP port (default 3389, if not customized).
  • Valid credentials (username/password, and domain if required).
  • (Optional) Proxy/jump host, if required by your environment.

Step-by-step

1) Create the connection

1. Open Connections.

2. Click Add.

2) Set general connection details

In the Connection section:

  • Name: define a clear name (example: RDP - Finance Server).
  • Protocol: select RDP.

Why?

  • Name improves searchability and operational consistency.
  • Protocol selects the correct remote desktop stack and parameters.

3) Configure Proxy

In the Proxy section:

  • Hostname: proxy/jump host.
  • Port: proxy port.

Why?

  • In segmented environments, direct RDP is often blocked.
  • Proxy usage enables controlled access without exposing the destination host.

4) (Optional) Apply usage restrictions

In Additional Connection Restrictions:

  • Allowed date/time windows.
  • Allowed/blocked schedules.
  • Allowed/blocked source hosts.

Why?

  • Reduces attack surface.
  • Enforces operational policy/compliance.
  • Limits misuse outside approved contexts.

5) Configure RDP protocol parameters

In rdp: Protocol Parameters:

Network

  • Hostname: target host IP/DNS (example: 172.17.7.200).
  • Port: 3389 (or custom RDP port).

Authentication

  • Username: remote account username.
  • Password: remote account password.
  • Domain: Windows domain (if applicable).
  • Security mode: choose according to your environment policy.
  • Ignore server certificate: enable only if your policy allows it.

Why?

  • Hostname/Port define the technical destination.
  • Username/Password/Domain define identity context for Windows authentication.
  • Security mode controls protocol hardening/compatibility behavior.
  • Ignore server certificate should be exceptional; it lowers trust validation.

6) (Optional) Enable extra features

Drive Redirection

  • Enable drive
  • Drive name

Recordings

  • Enable session recording
  • Enable keystroke recording (if available in your setup)

Why?

  • Drive redirection supports controlled file exchange when needed.
  • Recording provides auditability and forensic visibility.

7) Save

  • Click Save.

Post-creation validation

1. Confirm the connection appears in the Connections list.

2. Start the connection and validate:

  • successful RDP session launch,
  • authentication and domain behavior,
  • certificate/security behavior as configured,
  • optional features (drive/recording) if enabled.

Best practices

  • Use a naming standard: RDP - <Team> - <Server>.
  • Avoid enabling Ignore server certificate in production unless justified.
  • Restrict access by source and schedule for sensitive systems.
  • Periodically review and disable/remove unused connections.
Was this helpful?
Yes: 0 · No: 0